Lucene search
HistoryJul 20, 2014 - 11:12 a.m.
CVE-2014-3884
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.003
Percentile
69.2%
Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
Affected configurations
Node
webminuserminRange≤1.590
ORwebminuserminMatch0.4
ORwebminuserminMatch0.5
ORwebminuserminMatch0.6
ORwebminuserminMatch0.7
ORwebminuserminMatch0.80
ORwebminuserminMatch0.90
ORwebminuserminMatch0.910
ORwebminuserminMatch0.929
ORwebminuserminMatch0.930
ORwebminuserminMatch0.940
ORwebminuserminMatch0.950
ORwebminuserminMatch0.960
ORwebminuserminMatch0.970
ORwebminuserminMatch0.980
ORwebminuserminMatch0.990
ORwebminuserminMatch1.000
ORwebminuserminMatch1.010
ORwebminuserminMatch1.020
ORwebminuserminMatch1.030
ORwebminuserminMatch1.040
ORwebminuserminMatch1.050
ORwebminuserminMatch1.051
ORwebminuserminMatch1.060
ORwebminuserminMatch1.070
ORwebminuserminMatch1.080
ORwebminuserminMatch1.090
ORwebminuserminMatch1.100
ORwebminuserminMatch1.110
ORwebminuserminMatch1.120
ORwebminuserminMatch1.130
ORwebminuserminMatch1.140
ORwebminuserminMatch1.150
ORwebminuserminMatch1.160
ORwebminuserminMatch1.170
ORwebminuserminMatch1.180
ORwebminuserminMatch1.190
ORwebminuserminMatch1.200
ORwebminuserminMatch1.210
ORwebminuserminMatch1.220
ORwebminuserminMatch1.230
ORwebminuserminMatch1.240
ORwebminuserminMatch1.250
ORwebminuserminMatch1.260
ORwebminuserminMatch1.270
ORwebminuserminMatch1.280
ORwebminuserminMatch1.290
ORwebminuserminMatch1.300
ORwebminuserminMatch1.310
ORwebminuserminMatch1.320
ORwebminuserminMatch1.330
ORwebminuserminMatch1.340
ORwebminuserminMatch1.350
ORwebminuserminMatch1.360
ORwebminuserminMatch1.370
ORwebminuserminMatch1.380
ORwebminuserminMatch1.390
ORwebminuserminMatch1.400
ORwebminuserminMatch1.410
ORwebminuserminMatch1.420
ORwebminuserminMatch1.430
ORwebminuserminMatch1.440
ORwebminuserminMatch1.450
ORwebminuserminMatch1.460
ORwebminuserminMatch1.470
ORwebminuserminMatch1.480
ORwebminuserminMatch1.490
ORwebminuserminMatch1.500
ORwebminuserminMatch1.510
ORwebminuserminMatch1.520
ORwebminuserminMatch1.530
ORwebminuserminMatch1.540
ORwebminuserminMatch1.550
ORwebminuserminMatch1.560
ORwebminuserminMatch1.570
ORwebminuserminMatch1.580
| Vendor | Product | Version | CPE |
|---|---|---|---|
| webmin | usermin | * | cpe:2.3:a:webmin:usermin:*:*:*:*:*:*:*:* |
| webmin | usermin | 0.4 | cpe:2.3:a:webmin:usermin:0.4:*:*:*:*:*:*:* |
| webmin | usermin | 0.5 | cpe:2.3:a:webmin:usermin:0.5:*:*:*:*:*:*:* |
| webmin | usermin | 0.6 | cpe:2.3:a:webmin:usermin:0.6:*:*:*:*:*:*:* |
| webmin | usermin | 0.7 | cpe:2.3:a:webmin:usermin:0.7:*:*:*:*:*:*:* |
| webmin | usermin | 0.80 | cpe:2.3:a:webmin:usermin:0.80:*:*:*:*:*:*:* |
| webmin | usermin | 0.90 | cpe:2.3:a:webmin:usermin:0.90:*:*:*:*:*:*:* |
| webmin | usermin | 0.910 | cpe:2.3:a:webmin:usermin:0.910:*:*:*:*:*:*:* |
| webmin | usermin | 0.929 | cpe:2.3:a:webmin:usermin:0.929:*:*:*:*:*:*:* |
| webmin | usermin | 0.930 | cpe:2.3:a:webmin:usermin:0.930:*:*:*:*:*:*:* |
Related
cvelist
cvelist
prion
prion
Cross site scripting
2014-07-20 11:12:00
Cross site scripting
2014-05-30 14:55:00
Cross site scripting
2014-07-20 11:12:00
cve
cve
nessus
nessus
Usermin < 1.600 Multiple Vulnerabilities
2014-09-16 00:00:00
Webmin < 1.690 Multiple XSS
2014-09-16 00:00:00
jvn
jvn
JVN#92737498: Usermin vulnerable to cross-site scripting
2014-06-20 00:00:00
nvd
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.003
Percentile
69.2%
Related for NVD:CVE-2014-3884