RSS   Vulnerabilities for 'Virtualmin'   RSS

2018-10-10
 
CVE-2018-18208

CWE-79
 

 
Virtualmin 6.03 allows XSS via the query string, as demonstrated by the webmin_search.cgi URI.

 
 
CVE-2018-18207

CWE-74
 

 
Virtualmin 6.03 allows Frame Injection via the settings-editor_read.cgi file parameter.

 


Copyright 2019, cxsecurity.com

 

Back to Top