Cross-Site Scripting Vulnerability in Usermin by O'Reilly Media
CVE-2014-3884

Currently unrated

Key Information:

Vendor: Webmin
Status: Usermin
Vendor: CVE Published:; 20 July 2014

What is CVE-2014-3884?

A cross-site scripting (XSS) vulnerability in Usermin prior to version 1.600 permits remote attackers to execute arbitrary web scripts or HTML elements. This exposure can lead to the manipulation of user sessions or the unauthorized exchange of sensitive data. Attackers can exploit this vulnerability through unspecified methods, posing significant risks to users of affected Usermin versions. Awareness and timely updates are essential to safeguard against such threats.

References

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000058

third-party-advisoryx_refsource_JVNDB

http://jvn.jp/en/jp/JVN92737498/index.html

third-party-advisoryx_refsource_JVN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 20, 2014
Vulnerability Reserved
May 27, 2014

Webmin

What is CVE-2014-3884?

References

Timeline