Webmin 1.890 Cross Site Scripting

2019.01.15

Credit: Foo Jong Meng

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

# Vulnerability type: Reflected Cross Site Scripting
# Vendor: <https://www.k2.com/> http://www.webmin.com/index.html
# Product: Webmin
# Affected version: 1.890
# Credit: Foo Jong Meng
# CVE ID: CVE- 2018-19191
# DESCRIPTION:
After logging into the webmin interface, attack can be launched by injecting
the XSS payload at the affected parameters. The XSS is noted in the
following webmin parameters https://x.x.x.x:10000/affected-parameters:
u /config.cgi?webmin (GET)
u /shell/index.cgi (POST) history parameter
u /shell/index.cgi?stripped=1 (POST)
u /webminlog/search.cgi (GET) uall and mall parameters
# SAMPLE PAYLOAD:
"<script>alert(0)</script>
<script>alert(%22%78%73%73%22)</script>abc
# PROOF OF CONCEPT:
1. Use a web proxy (i.e zapproxy, burp) to intercept the affected "GET" and
"POST" requests for:
https://x.x.x.x:10000/affected-parameters
2. Inject the XSS payload at the affected parameters.
3. The payload will be executed.
Developer has issued an updated version of webmin with the vulnerabilities
reported.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Webmin 1.890 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.