CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
78.8%
Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies.
Vendor | Product | Version | CPE |
---|---|---|---|
usermin | usermin | 0.7 | cpe:2.3:a:usermin:usermin:0.7:*:*:*:*:*:*:* |
usermin | usermin | 0.8 | cpe:2.3:a:usermin:usermin:0.8:*:*:*:*:*:*:* |
usermin | usermin | 0.9 | cpe:2.3:a:usermin:usermin:0.9:*:*:*:*:*:*:* |
webmin | webmin | 0.91 | cpe:2.3:a:webmin:webmin:0.91:*:*:*:*:*:*:* |
webmin | webmin | 0.92 | cpe:2.3:a:webmin:webmin:0.92:*:*:*:*:*:*:* |
webmin | webmin | 0.92.1 | cpe:2.3:a:webmin:webmin:0.92.1:*:*:*:*:*:*:* |
webmin | webmin | 0.93 | cpe:2.3:a:webmin:webmin:0.93:*:*:*:*:*:*:* |
webmin | webmin | 0.94 | cpe:2.3:a:webmin:webmin:0.94:*:*:*:*:*:*:* |
webmin | webmin | 0.95 | cpe:2.3:a:webmin:webmin:0.95:*:*:*:*:*:*:* |
webmin | webmin | 0.96 | cpe:2.3:a:webmin:webmin:0.96:*:*:*:*:*:*:* |