Cross-Site Scripting Issues in Webmin and Usermin Software
CVE-2007-3156

Currently unrated

Key Information:

Vendor: Webmin
Status: Usermin; Webmin
Vendor: CVE Published:; 11 June 2007

What is CVE-2007-3156?

Webmin and Usermin versions prior to 1.350 and 1.280, respectively, are susceptible to multiple cross-site scripting (XSS) vulnerabilities. Attackers can exploit these weaknesses through improper handling of parameters such as cid, message, or question, potentially allowing arbitrary web script or HTML injection. This vulnerability underscores the importance of keeping web management tools updated to safeguard against malicious exploits.

References

http://www.webmin.com/security.html

x_refsource_CONFIRM

http://secunia.com/advisories/25785

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/2117

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2007
Vulnerability Reserved
Jun 11, 2007