Webmin contains a cross-site scripting vulnerability

Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms (and Java for the File Manager module), you can setup user accounts, Apache, DNS, file sharing and so on.

A remote attacker that is able to trick a user in to visiting a specially crafted URL may be able to conduct a cross-site scripting attack. This attack may result in information leakage, privilege escalation, and/or denial of service.

Read the full security advisory here – http://www.kb.cert.org/vuls/id/381692

Leave a Comment

Your email address will not be published.

Scroll to Top