CVE-2022-3844

LOW 3.5

Webmin index.cgi cross site scripting

CVSS Score

3.5

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.003 is able to address this issue. The patch is identified as d3d33af3c0c3fd3a889c84e287a038b7a457d811. It is recommended to upgrade the affected component. VDB-212862 is the identifier assigned to this vulnerability.

CWE	CWE-80
Vendor	n/a
Product	webmin
Published	Nov 2, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for n/a webmin

Be the first to know when new low vulnerabilities affecting n/a webmin are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

n/a / Webmin

2.001

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.212862 vuldb.com: https://vuldb.com/?ctiid.212862 github.com: https://github.com/webmin/webmin/commit/d3d33af3c0c3fd3a889c84e287a038b7a457d811 github.com: https://github.com/webmin/webmin/releases/tag/2.003

Credits

VulDB GitHub Commit Analyzer