CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
Webmin hosting control panel vulnerability is related to failure to take measures to protect the structure of a web page.
of the web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute
arbitrary code
A vulnerability in the ajaxterm module of the Webmin hosting control panel is related to cross-site request forgery.
Exploitation of the vulnerability could allow an attacker acting remotely to perform a CSRF attack by
using a specially crafted web page
A vulnerability in the ajaxterm module of the Webmin hosting control panel is related to incorrect handling of permissions or privileges.
permissions or privileges. Exploitation of the vulnerability could allow an attacker acting remotely,
hijack a console session
Webmin hosting control panel vulnerability is related to a loop with an unreachable exit condition.
Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
Webmin hosting control panel vulnerability is related to failure to take measures to protect the structure of a web page.
web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a
cross-site scripting (XSS)
Webmin hosting control panel vulnerability is related to input data neutralization during generation of a web page.
web page generation. Exploitation of the vulnerability could allow an attacker acting remotely to run
malicious scripts by injecting a specially crafted payload