Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before 1.850 allow remote attackers to inject arbitrary web script or HTML via the sec parameter to view_man.cgi, the referers parameter to change_referers.cgi, or the name parameter to save_user.cgi. NOTE: these issues were not fixed in 1.840.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Webmin 跨站脚本漏洞
Vulnerability Description
Webmin是澳大利亚软件开发者Jamie Cameron和Webmin社区共同开发的一套基于Web的用于类Unix操作系统中的系统管理工具。 Webmin 1.850之前的版本中存在跨站脚本漏洞。远程攻击者可借助多种方法利用该漏洞注入任意的Web脚本或HTML。(多种方法包括:向view_man.cgi文件中发送‘sec’函数、向change_referers.cgi文件发送‘referers’参数或向save_user.cgi文件发送‘name’参数)
CVSS Information
N/A
Vulnerability Type
N/A