CVE-2002-0756

Published Aug 12, 2002

Last updated 16 years ago

Overview

Description: Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:usermin:usermin:0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD343610-8BE2-4916-AF30-66B21330D84C"
          },
          {
            "criteria": "cpe:2.3:a:usermin:usermin:0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D54B4D9-5218-41F9-A701-F960199EE520"
          },
          {
            "criteria": "cpe:2.3:a:usermin:usermin:0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B352FF6B-989C-4540-B434-9452851F745C"
          },
          {
            "criteria": "cpe:2.3:a:webmin:webmin:0.91:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B0813F3-1886-481E-8822-4BD199C4934F"
          },
          {
            "criteria": "cpe:2.3:a:webmin:webmin:0.92:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D25A7CA-ED9D-4562-8965-D4906D1BE5FA"
          },
          {
            "criteria": "cpe:2.3:a:webmin:webmin:0.92.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5C38C77-246F-41A9-A3D5-99C2DDA1DAE1"
          },
          {
            "criteria": "cpe:2.3:a:webmin:webmin:0.93:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1F2D028-F2F9-4CE0-A24B-7DB44D488D4E"
          },
          {
            "criteria": "cpe:2.3:a:webmin:webmin:0.94:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82EE7A9B-5688-4933-95B9-476873D44A65"
          },
          {
            "criteria": "cpe:2.3:a:webmin:webmin:0.95:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30A57D7A-B989-4D82-B667-029A245AA6D5"
          },
          {
            "criteria": "cpe:2.3:a:webmin:webmin:0.96:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C664186B-DD40-490B-B2DE-4279B00102F2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References