CVE-2024-36452

July 10, 2024, 7:15 a.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Webmin

  • before 2.003

Source

vultures@jpcert.or.jp

Tags

CVE-2024-36452 details

Published : July 10, 2024, 7:15 a.m.
Last Modified : July 10, 2024, 7:15 a.m.

Description

Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://jvn.jp/en/jp/JVN81442045/ vultures@jpcert.or.jp
https://webmin.com/ vultures@jpcert.or.jp
This website uses the NVD API, but is not approved or certified by it.