FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

webmin -- cross site scripting vulnerability

Affected packages
webmin < 1.350


VuXML ID 12b7286f-16a2-11dc-b803-0016179b2dd5
Discovery 2007-06-01
Entry 2007-06-09
Modified 2010-05-12

Secunia reports:

Input passed to unspecified parameters in pam_login.cgi is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.


Bugtraq ID 24381
CVE Name CVE-2007-3156