CVE-2007-1276

Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted filename.

Published: Mar 5, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-1276
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
webmin / webmin	1.2.50	1.2.50.x
usermin / usermin	1.070	1.070.x
webmin / webmin	1.0.20	1.0.20.x
webmin / webmin	1.0.51	1.0.51.x
webmin / webmin	1.0.10	1.0.10.x
usermin / usermin	1.040	1.040.x
usermin / usermin	1.250	1.250.x
usermin / usermin	1.060	1.060.x
webmin / webmin	1.1.50	1.1.50.x
webmin / webmin	1.0.60	1.0.60.x
usermin / usermin	1.080	1.080.x
usermin / usermin	1.100	1.100.x
webmin / webmin	1.1.00	1.1.00.x
usermin / usermin	1.210	1.210.x
webmin / webmin	1.1.30	1.1.30.x
webmin / webmin	1.1.21	1.1.21.x
webmin / webmin	1.0.00	1.0.00.x
webmin / webmin	1.0.90	1.0.90.x
webmin / webmin	1.3.20	1.3.20.x
usermin / usermin	1.010	1.010.x
usermin / usermin	1.130	1.130.x
usermin / usermin	1.150	1.150.x
webmin / webmin	1.2.30	1.2.30.x
usermin / usermin	1.140	1.140.x
usermin / usermin	1.220	1.220.x
webmin / webmin	1.0.30	1.0.30.x
webmin / webmin	1.2.20	1.2.20.x
webmin / webmin	1.1.40	1.1.40.x
webmin / webmin	1.1.20	1.1.20.x
usermin / usermin	1.090	1.090.x
usermin / usermin	1.020	1.020.x
usermin / usermin	1.051	1.051.x
usermin / usermin	1.000	1.000.x
usermin / usermin	1.030	1.030.x
webmin / webmin	1.0.70	1.0.70.x
usermin / usermin	1.110	1.110.x
usermin / usermin	1.240	1.240.x
webmin / webmin	1.0.50	1.0.50.x
webmin / webmin	1.0.40	1.0.40.x
webmin / webmin	1.0.80	1.0.80.x
usermin / usermin	1.120	1.120.x
usermin / usermin	1.230	1.230.x
webmin / webmin	1.1.10	1.1.10.x
webmin / webmin	1.2.40	1.2.40.x

Vulnerability Database

289,697

CVE-2007-1276