Webmin.Search.Parameter.XSS

description-logoDescription

This indicates an attack attempt to exploit a Cross-site scripting vulnerability in Webmin.
The vulnerability is a result of the application's failure to properly sanitize user input before using it in a "search" parameter of view.cgi page. A remote attacker may be able to exploit this to execute arbitrary script code within the context of the application, via a crafted request.

affected-products-logoAffected Products

Webmin before 1.680

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.

recomended-action-logoRecommended Actions

Upgrade to the latest version, available from the web site.
http://www.webmin.com/download.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)