CVE-2017-17089

Published December 30th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

3.5

LOW

Affected

PROJECT

Description

custom/run.cgi in Webmin before 1.870 allows remote authenticated administrators to conduct XSS attacks via the description field in the custom command functionality.

webmin/webmin

Powerful and flexible web-based server management control panel

GitHub

5.94K