CVSS: 6.1EPSS: 0%CPEs: 115EXPL: 0CVE-2009-4568
https://notcve.org/view.php?id=CVE-2009-4568
05 Jan 2010 — Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and Usermin before 1.430 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Webmin anterior a 1.500 y Usermin anterior a 1.430, permite a atacantes remotos inyectar secuencias de comandos Web o HTML de su elección a través de vectores no especificados. • http://secunia.com/advisories/37648 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2008-0720
https://notcve.org/view.php?id=CVE-2008-0720
12 Feb 2008 — Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and Usermin 1.300 and 1.320 allows remote attackers to inject arbitrary web script or HTML via the search parameter to webmin_search.cgi (aka the search section), and possibly other components accessed through a "search box" or "open file box." NOTE: some of these details are obtained from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Webmin 1.370 y 1.390 y Usermin 1.300 y 1.320. Permite a atac... • http://forum.aria-security.net/showthread.php?t=511 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •