mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
84 lines
2.9 KiB
JSON
84 lines
2.9 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-36453",
|
|
"ASSIGNER": "vultures@jpcert.or.jp",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site scripting vulnerability exists in session_login.cgi of Webmin versions prior to 1.970 and Usermin versions prior to 1.820. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. As a result, a webpage may be altered or sensitive information such as a credential may be disclosed."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site scripting (XSS)"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Webmin",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Webmin",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "versions prior to 1.970"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "Usermin",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "versions prior to 1.820"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://webmin.com/",
|
|
"refsource": "MISC",
|
|
"name": "https://webmin.com/"
|
|
},
|
|
{
|
|
"url": "https://webmin.com/usermin/",
|
|
"refsource": "MISC",
|
|
"name": "https://webmin.com/usermin/"
|
|
},
|
|
{
|
|
"url": "https://jvn.jp/en/jp/JVN81442045/",
|
|
"refsource": "MISC",
|
|
"name": "https://jvn.jp/en/jp/JVN81442045/"
|
|
}
|
|
]
|
|
}
|
|
} |