Vulnerability Description
The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Webmin | Webmin | 0.1 |
References
- http://online.securityfocus.com/archive/1/263181
- http://www.securityfocus.com/bid/4329ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8596
- http://online.securityfocus.com/archive/1/263181
- http://www.securityfocus.com/bid/4329ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8596
FAQ
What is CVE-2002-1673?
CVE-2002-1673 is a vulnerability with a CVSS score of 3.6 (LOW). The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by i...
How severe is CVE-2002-1673?
CVE-2002-1673 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1673?
Check the references section above for vendor advisories and patch information. Affected products include: Webmin Webmin.