Vulnerabilities > Webmin > Usermin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-29 | CVE-2023-41153 | Cross-site Scripting vulnerability in Webmin Usermin 2.001 A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via options for the host value while editing the host options. | 5.4 |
| 2022-10-25 | CVE-2022-35132 | OS Command Injection vulnerability in Webmin Usermin Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module. | 8.8 |
| 2022-07-27 | CVE-2022-36880 | Cross-site Scripting vulnerability in Webmin Usermin The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message. | 6.1 |
| 2017-04-12 | CVE-2016-4897 | Cross-site Scripting vulnerability in Webmin Usermin Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690. | 6.1 |