VDB
CVE-2007-1276
CVE-2007-1276
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted filename.
EPSS 0.27% · 50.6th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
0.27%
50.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| usermin | usermin | 1.150, 1.010, 1.030 |
| webmin | webmin | 1.1.20, 1.0.10, 1.0.51 |
| n/a | n/a | n/a |
Timeline
- Mar 5, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://www.webmin.com/security.html url
- 33832 vdb
- 24321 third-party-advisory
- ADV-2007-0780 vdb
- 1017711 vdb
- http://www.webmin.com/changes-1.330.html url
- webmin-chooser-xss(32725) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2007-1276 advisory