Vulnerability CVE-2011-1937

Vulnerability CVE-2011-1937

Published: 2011-05-31 Modified: 2012-02-13

Description:

	Topic	Author	Date
Low	Webmin 1.540 XSS privilege escalation	Javier Bassi	02.06.2011

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Webmin -> Webmin

https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881

http://www.youtube.com/watch?v=CUO7JLIGUf0

http://www.securityfocus.com/bid/47558

http://www.securityfocus.com/archive/1/517658

http://www.mandriva.com/security/advisories?name=MDVSA-2011:109

http://securitytracker.com/id?1025438

http://securityreason.com/securityalert/8264

http://openwall.com/lists/oss-security/2011/05/24/7

http://openwall.com/lists/oss-security/2011/05/22/1

http://javierb.com.ar/2011/04/24/xss-webmin-1-540/