CVE-2012-0891
Puppet Dashboard <1.2.5, Enterprise <1.2.5, <2.0.1 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in Puppet Dashboard 1.0 before 1.2.5 and Enterprise 1.0 before 1.2.5 and 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields.
Scores
EPSS
0.0026
EPSS Percentile
49.5%
Details
CWE
CWE-79
Status
published
Products (15)
puppet/puppet_dashboard
puppet/puppet_dashboard
puppet/puppet_dashboard
puppet/puppet_dashboard
puppet/puppet_dashboard
puppet/puppet_dashboard
puppet/puppet_dashboard
puppet/puppet_dashboard
puppet/puppet_dashboard
puppet/puppet_dashboard
... and 5 more
Published
Mar 14, 2014
Tracked Since
Feb 18, 2026