Puppet Enterprise 2017.x < 2017.3.6 Cross-site Scripting Vulnerability
Low Nessus Plugin ID 129759
SynopsisA web application running on the remote host is affected by a code execution vulnerability.
DescriptionAccording to its self-reported version number, the Puppet install running on the remote host is version 4.x prior to 2016.2.1, 5.3.x prior to 2017.3.7, or 5.5.x prior to 2018.1.1. It is, therefore, affected by a cross-site scripting (XSS) vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by sending a specially crafted query to either the puppet enterprise console or orchestrator, to execute arbitrary script code in a user's browser session.
SolutionUpgrade to Puppet Enterprise version 2017.3.6 or later.