Webmin cross-site scripting vulnerability (CNVD-2017-21737)

Webmin is a web-based system administration tool for Unix-like operating systems developed by Australian software developer Jamie Cameron and the Webmin community. A cross-site scripting vulnerability exists in versions of Webmin prior to 1.850. This vulnerability can be exploited by remote...

CVE-2017-9313

Multiple Cross-site scripting XSS vulnerabilities in Webmin before 1.850 allow remote attackers to inject arbitrary web script or HTML via the sec parameter to viewman.cgi, the referers parameter to changereferers.cgi, or the name parameter to saveuser.cgi. NOTE: these issues were not fixed in...