Summary
This host is running Webmin/Usermin and is prone to cross site scripting vulnerability.
Impact
Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site.
Impact Level: Application
Solution
Upgrade to Webmin version 0.970, Usermin version 0.910 or later.
For updates refer to http://www.webmin.com/download.html
Insight
The flaw is due to improper validation of user-supplied input via the authentication page, which allows attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Affected
Webmin version 0.96
Usermin version 0.90
References
Severity
Classification
-
CVE CVE-2002-0756 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities