CVE-2014-3924
https://notcve.org/view.php?id=CVE-2014-3924
Multiple cross-site scripting (XSS) vulnerabilities in Webmin before 1.690 and Usermin before 1.600 allow remote attackers to inject arbitrary web script or HTML via vectors related to popup windows. Múltiples vulnerabilidades de XSS en Webmin anterior a 1.690 y Usermin anterior a 1.600 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores relacionados con ventanas emergentes. • http://secunia.com/advisories/58917 http://secunia.com/advisories/58919 http://www.securityfocus.com/bid/67647 http://www.securityfocus.com/bid/67649 http://www.securitytracker.com/id/1030296 http://www.securitytracker.com/id/1030297 http://www.webmin.com/changes.html http://www.webmin.com/uchanges.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •