← Back

CVE-2009-4568

nvd nist
Published: Jan 5, 2010Modified: Apr 23, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and Usermin before 1.430 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (115)

Products: Webmin: Usermin, Webmin
Webmin
2 products
Usermin
Webmin
Configuration A
115 vulnerable
Vulnerable SoftwareAffected Versions
Webmin
Usermin
Up to 1.32
Usermin
Version 0.4
Usermin
Version 0.5
Usermin
Version 0.6
Usermin
Version 0.7
Usermin
Version 0.8
Usermin
Version 0.91
Usermin
Version 0.92
Usermin
Version 0.93
Usermin
Version 0.94
Usermin
Version 0.95
Usermin
Version 0.96
Usermin
Version 0.97
Usermin
Version 0.98
Usermin
Version 0.99
Usermin
Version 0.9
Usermin
Version 1.000
Usermin
Version 1.010
Usermin
Version 1.020
Usermin
Version 1.030
Usermin
Version 1.040
Usermin
Version 1.051
Usermin
Version 1.060
Usermin
Version 1.070
Usermin
Version 1.080
Usermin
Version 1.090
Usermin
Version 1.100
Usermin
Version 1.110
Usermin
Version 1.120
Usermin
Version 1.130
Usermin
Version 1.140
Usermin
Version 1.150
Usermin
Version 1.210
Usermin
Version 1.220
Usermin
Version 1.230
Usermin
Version 1.240
Usermin
Version 1.250
Usermin
Version 1.260
Usermin
Version 1.270
Usermin
Version 1.280
Usermin
Version 1.3
Webmin
Webmin
Up to 1.390
Webmin
Version 0.1
Webmin
Version 0.21
Webmin
Version 0.22
Webmin
Version 0.2
Webmin
Version 0.31
Webmin
Version 0.3
Webmin
Version 0.41
Webmin
Version 0.42
Webmin
Version 0.4
Webmin
Version 0.51
Webmin
Version 0.5
Webmin
Version 0.6
Webmin
Version 0.76
Webmin
Version 0.77
Webmin
Version 0.78
Webmin
Version 0.79
Webmin
Version 0.7
Webmin
Version 0.80
Webmin
Version 0.83
Webmin
Version 0.84
Webmin
Version 0.85
Webmin
Version 0.88
Webmin
Version 0.90
Webmin
Version 0.91
Webmin
Version 0.92.1
Webmin
Version 0.92
Webmin
Version 0.93
Webmin
Version 0.94
Webmin
Version 0.950
Webmin
Version 0.95
Webmin
Version 0.960
Webmin
Version 0.96
Webmin
Version 0.970
Webmin
Version 0.97
Webmin
Version 0.980
Webmin
Version 0.98
Webmin
Version 0.990
Webmin
Version 0.99
Webmin
Version 1.0.10
Webmin
Version 1.0.20
Webmin
Version 1.0.30
Webmin
Version 1.0.40
Webmin
Version 1.0.50
Webmin
Version 1.0.51
Webmin
Version 1.0.60
Webmin
Version 1.0.70
Webmin
Version 1.0.80
Webmin
Version 1.0.90
Webmin
Version 1.1.00
Webmin
Version 1.1.10
Webmin
Version 1.1.20
Webmin
Version 1.1.21
Webmin
Version 1.1.30
Webmin
Version 1.1.40
Webmin
Version 1.1.50
Webmin
Version 1.1.60
Webmin
Version 1.2.20
Webmin
Version 1.2.30
Webmin
Version 1.2.40
Webmin
Version 1.2.50
Webmin
Version 1.2.60
Webmin
Version 1.2.70
Webmin
Version 1.2.80
Webmin
Version 1.2.90
Webmin
Version 1.3.20
Webmin
Version 1.3.30
Webmin
Version 1.335
Webmin
Version 1.336
Webmin
Version 1.337
Webmin
Version 1.340
Webmin
Version 1.343
Webmin
Version 1.360
Webmin
Version 1.370

Related CWEs

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (10)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.