CVE-2017-17089

CVE-2017-17089

EPSS 0.8%

custom/run.cgi in Webmin before 1.870 allows remote authenticated administrators to conduct XSS attacks via the description field in the custom command functionality.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/webmin/webmin/commit/a9c97eea6c268fb83d93a817d58bac75e0d2599e http://www.securityfocus.com/bid/102339