CVE-2007-1276

Published: Mar 5, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted filename.

Affected (44)

Products: Usermin: Usermin · Webmin: Webmin

1 product

1 product

Configuration A

44 vulnerable

Vulnerable Software	Affected Versions
Usermin Usermin	Version 1.000
Usermin Usermin	Version 1.010
Usermin Usermin	Version 1.020
Usermin Usermin	Version 1.030
Usermin Usermin	Version 1.040
Usermin Usermin	Version 1.051
Usermin Usermin	Version 1.060
Usermin Usermin	Version 1.070
Usermin Usermin	Version 1.080
Usermin Usermin	Version 1.090
Usermin Usermin	Version 1.100
Usermin Usermin	Version 1.110
Usermin Usermin	Version 1.120
Usermin Usermin	Version 1.130
Usermin Usermin	Version 1.140
Usermin Usermin	Version 1.150
Usermin Usermin	Version 1.210
Usermin Usermin	Version 1.220
Usermin Usermin	Version 1.230
Usermin Usermin	Version 1.240
Usermin Usermin	Version 1.250
Webmin Webmin	Version 1.0.00
Webmin Webmin	Version 1.0.10
Webmin Webmin	Version 1.0.20
Webmin Webmin	Version 1.0.30
Webmin Webmin	Version 1.0.40
Webmin Webmin	Version 1.0.50
Webmin Webmin	Version 1.0.51
Webmin Webmin	Version 1.0.60
Webmin Webmin	Version 1.0.70
Webmin Webmin	Version 1.0.80
Webmin Webmin	Version 1.0.90
Webmin Webmin	Version 1.1.00
Webmin Webmin	Version 1.1.10
Webmin Webmin	Version 1.1.20
Webmin Webmin	Version 1.1.21
Webmin Webmin	Version 1.1.30
Webmin Webmin	Version 1.1.40
Webmin Webmin	Version 1.1.50
Webmin Webmin	Version 1.2.20
Webmin Webmin	Version 1.2.30
Webmin Webmin	Version 1.2.40
Webmin Webmin	Version 1.2.50
Webmin Webmin	Version 1.3.20