2 matches found
CVE-2019-15641
xmlrpc.cgi in Webmin through 1.930 allows authenticated XXE attacks. By default, only root, admin, and sysadm can access xmlrpc.cgi...
CVE-2019-15641
CVE-2019-15641 affects Webmin via xmlrpc.cgi, where an authenticated XXE exists in Webmin up to version 1.930 (patch included in later versions). Impact: potential disclosure of sensitive data due to XML external entity processing; access is restricted in affected setups to root/admin/sysadm by d...