Vulnerabilities > Webmin > Usermin > 1.791

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-35132 OS Command Injection vulnerability in Webmin Usermin
Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.
network
low complexity
webmin CWE-78
8.8
2022-07-27 CVE-2022-36880 Cross-site Scripting vulnerability in Webmin Usermin
The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.
network
webmin CWE-79
4.3