Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0.
{
"cpe": [
"cpe:2.3:a:northern.tech:cfengine:*:*:*:*:enterprise:*:*:*",
"cpe:2.3:a:northern.tech:cfengine:3.7:*:*:*:enterprise:*:*:*"
],
"extracted_events": [
{
"introduced": "3.10.0"
},
{
"fixed": "3.10.7"
},
{
"introduced": "3.12.0"
},
{
"fixed": "3.12.3"
},
{
"introduced": "3.7"
},
{
"last_affected": "3.7"
}
],
"source": [
"CPE_RANGE",
"CPE_STRING"
]
}