CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0891

Multiple cross-site scripting (XSS) vulnerabilities in Puppet Dashboard 1.0 before 1.2.5 and Enterprise 1.0 before 1.2.5 and 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.5%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2012-0891

Puppet » Puppet Dashboard » Version: 1.0.0

cpe:2.3:a:puppet:puppet_dashboard:1.0.0
Puppet » Puppet Dashboard » Version: 1.0.3

cpe:2.3:a:puppet:puppet_dashboard:1.0.3
Puppet » Puppet Dashboard » Version: 1.0.4

cpe:2.3:a:puppet:puppet_dashboard:1.0.4
Puppet » Puppet Dashboard » Version: 1.1.0

cpe:2.3:a:puppet:puppet_dashboard:1.1.0
Puppet » Puppet Dashboard » Version: 1.1.1

cpe:2.3:a:puppet:puppet_dashboard:1.1.1
Puppet » Puppet Dashboard » Version: 1.2.0

cpe:2.3:a:puppet:puppet_dashboard:1.2.0
Puppet » Puppet Dashboard » Version: 1.2.1

cpe:2.3:a:puppet:puppet_dashboard:1.2.1
Puppet » Puppet Dashboard » Version: 1.2.2

cpe:2.3:a:puppet:puppet_dashboard:1.2.2
Puppet » Puppet Dashboard » Version: 1.2.3

cpe:2.3:a:puppet:puppet_dashboard:1.2.3
Puppet » Puppet Dashboard » Version: 1.2.4

cpe:2.3:a:puppet:puppet_dashboard:1.2.4
Puppet » Puppet Enterprise » Version: 1.0

cpe:2.3:a:puppet:puppet_enterprise:1.0
Puppet » Puppet Enterprise » Version: 1.1

cpe:2.3:a:puppet:puppet_enterprise:1.1
Puppet » Puppet Enterprise » Version: 1.2.0

cpe:2.3:a:puppet:puppet_enterprise:1.2.0
Puppet » Puppet Enterprise » Version: 2.0.0

cpe:2.3:a:puppet:puppet_enterprise:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0891

Products

Pricing

Contact Us