Lucene search
HistoryJul 20, 2014 - 11:12 a.m.
CVE-2014-3886
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.2%
Cross-site scripting (XSS) vulnerability in Webmin before 1.690, when referrer checking is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
Affected configurations
Node
webminwebminRange≤1.680
ORwebminwebminMatch1.600
ORwebminwebminMatch1.610
ORwebminwebminMatch1.620
ORwebminwebminMatch1.630
ORwebminwebminMatch1.640
ORwebminwebminMatch1.650
ORwebminwebminMatch1.660
ORwebminwebminMatch1.670
Related
cve
cve
cvelist
cvelist
prion
prion
Cross site scripting
2014-07-20 11:12:00
Cross site scripting
2014-05-30 14:55:00
Cross site scripting
2014-07-20 11:12:00
nessus
nessus
Webmin < 1.690 Multiple XSS
2014-09-16 00:00:00
Usermin < 1.600 Multiple Vulnerabilities
2014-09-16 00:00:00
nvd
nvd
jvn
jvn
JVN#02213197: Webmin vulnerable to cross-site scripting
2014-06-20 00:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.2%
Related for NVD:CVE-2014-3886