CVE-2007-3156

2007-06-11T22:30:00
ID CVE-2007-3156
Type cve
Reporter cve@mitre.org
Modified 2011-09-13T04:00:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 and Usermin before 1.280 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) message, or (3) question parameter. NOTE: some of these details are obtained from third party information.