CVE-2013-4963 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet Enterprise (PE) before 3.0.1 allow remote attackers to hijack the authentication of users for requests that deleting a (1) report (2) group or (3) class or possibly have other unspecified impact.

Reference

http://puppetlabs.com/security/cve/cve-2013-4963