Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 300208 (CVE-2009-4568) - <app-admin/{webmin-1.500,usermin-1.430} XSS (CVE-2009-4568)
Summary: <app-admin/{webmin-1.500,usermin-1.430} XSS (CVE-2009-4568)
Status: RESOLVED FIXED
Alias: CVE-2009-4568
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://www.webmin.com/security.html
Whiteboard: ~4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-01-08 17:44 UTC by Alex Legler (RETIRED)
Modified: 2010-01-08 17:52 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2010-01-08 17:44:51 UTC 
CVE-2009-4568 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4568):
  Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and
  Usermin before 1.430 allows remote attackers to inject arbitrary web
  script or HTML via unspecified vectors.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-01-08 17:52:19 UTC 
Removed vulnerable ebuilds.

Was recently removed from stable, but XSS in webapps → noglsa