CVE-2022-3844
Summary
| CVE | CVE-2022-3844 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-11-02 20:15:00 UTC |
| Updated | 2023-11-16 01:34:00 UTC |
| Description | A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.003 is able to address this issue. The patch is identified as d3d33af3c0c3fd3a889c84e287a038b7a457d811. It is recommended to upgrade the affected component. VDB-212862 is the identifier assigned to this vulnerability. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2022-3844 | Webmin index.cgi cross site scripting | N/A | vuldb.com | |
| vuldb.com | MISC | vuldb.com | |
| Release 2.003 · webmin/webmin · GitHub | MISC | github.com | |
| Clean up code and prevent HTML attacks on untrusted inputs · webmin/webmin@d3d33af · GitHub | N/A | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 731092 Webmin Multiple Cross-Site Scripting (XSS) Vulnerabilities