Vulnerability Details CVE-2021-31761
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.819
EPSS Ranking 99.2%
CVSS Severity
CVSS v3 Score 9.6
CVSS v2 Score 6.8
References
- http://packetstormsecurity.com/files/163559/Webmin-1.973-Cross-Site-Request-Forgery.html
- https://github.com/Mesh3l911/CVE-2021-31761
- https://github.com/electronicbots/CVE-2021-31761
- https://github.com/webmin/webmin
- https://youtu.be/23VvUMu-28c
- http://packetstormsecurity.com/files/163559/Webmin-1.973-Cross-Site-Request-Forgery.html
- https://github.com/Mesh3l911/CVE-2021-31761
- https://github.com/electronicbots/CVE-2021-31761
- https://github.com/webmin/webmin
- https://youtu.be/23VvUMu-28c