CVE-2020-8820

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-8820

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8820.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-8820

Related

MGASA-2020-0400

Published

2020-10-12T16:15:12Z

Modified

2025-01-14T08:50:47.267634Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the Cluster Shell Commands Endpoint. A user may enter any XSS Payload into the Command field and execute it. Then, after revisiting the Cluster Shell Commands Menu, the XSS Payload will be rendered and executed.

References

https://www.webmin.com/security.html

Affected packages

Git / github.com/webmin/webmin

Affected ranges

Type: GIT
Repo: https://github.com/webmin/webmin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d5227e85afec512718dd77a759a56cd212a15c1c

Affected versions

1.*

1.700

1.710

1.720

1.730

1.740

1.750

1.760

1.770

1.780

1.790

1.800

1.801

1.810

1.820

1.830

1.831

1.840

1.850

1.860

1.870

1.880

1.890

1.900

1.910

1.920

1.930

1.940

1.941