CVE-2014-3886

Published: Jul 20, 2014Modified: May 6, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Webmin before 1.690, when referrer checking is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.

Affected (9)

Products: Webmin: Webmin

Webmin

1 product

Webmin

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Webmin Webmin	Up to 1.680
Webmin Webmin	Version 1.600
Webmin Webmin	Version 1.610
Webmin Webmin	Version 1.620
Webmin Webmin	Version 1.630
Webmin Webmin	Version 1.640
Webmin Webmin	Version 1.650
Webmin Webmin	Version 1.660
Webmin Webmin	Version 1.670