CVE-2024-36452

2024-07-1007:01:48

jpcert

www.cve.org

webmin

ajaxterm

csrf

vulnerability

exploit

unintended operations

data breach

server halt

EPSS

Percentile

9.2%

JSON

Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted.

CNA Affected

[
  {
    "vendor": "Webmin",
    "product": "Webmin",
    "versions": [
      {
        "version": "versions prior to 2.003",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN81442045/

webmin.com/

EPSS

Percentile

9.2%

JSON

Related for CVELIST:CVE-2024-36452