suse · CVE-2015-6502

Quick triage

Priority: medium Published: 2021-05-30 13:32:49 UTC Updated: 2025-04-27 23:12:34 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2015-6502 severity moderate: SUSE including 2 source package names (puppet, puppet-server), 9 product×package rows across 7 product lines (SUSE Linux Enterprise Desktop 12 SP2, SUSE Linux Enterprise Desktop 12 SP3, … (7 product lines)): Known Not Affected 9.

Description:

Cross-site scripting (XSS) vulnerability in the console in Puppet Enterprise before 2015.2.1 allows remote attackers to inject arbitrary web script or HTML via the string parameter, related to Login Redirect.

cvelogic Threat Intelligence