CVE-2007-1276: CSRF
First published: Mon Mar 05 2007(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted filename.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Webmin Usermin | =1.000 | |
| Webmin Usermin | =1.010 | |
| Webmin Usermin | =1.020 | |
| Webmin Usermin | =1.030 | |
| Webmin Usermin | =1.040 | |
| Webmin Usermin | =1.051 | |
| Webmin Usermin | =1.060 | |
| Webmin Usermin | =1.070 | |
| Webmin Usermin | =1.080 | |
| Webmin Usermin | =1.090 | |
| Webmin Usermin | =1.100 | |
| Webmin Usermin | =1.110 | |
| Webmin Usermin | =1.120 | |
| Webmin Usermin | =1.130 | |
| Webmin Usermin | =1.140 | |
| Webmin Usermin | =1.150 | |
| Webmin Usermin | =1.210 | |
| Webmin Usermin | =1.220 | |
| Webmin Usermin | =1.230 | |
| Webmin Usermin | =1.240 | |
| Webmin Usermin | =1.250 | |
| Webmin | =1.0.00 | |
| Webmin | =1.0.10 | |
| Webmin | =1.0.20 | |
| Webmin | =1.0.30 | |
| Webmin | =1.0.40 | |
| Webmin | =1.0.50 | |
| Webmin | =1.0.51 | |
| Webmin | =1.0.60 | |
| Webmin | =1.0.70 | |
| Webmin | =1.0.80 | |
| Webmin | =1.0.90 | |
| Webmin | =1.1.00 | |
| Webmin | =1.1.10 | |
| Webmin | =1.1.20 | |
| Webmin | =1.1.21 | |
| Webmin | =1.1.30 | |
| Webmin | =1.1.40 | |
| Webmin | =1.1.50 | |
| Webmin | =1.2.20 | |
| Webmin | =1.2.30 | |
| Webmin | =1.2.40 | |
| Webmin | =1.2.50 | |
| Webmin | =1.3.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-1276?
CVE-2007-1276 is classified as a moderate severity vulnerability due to the potential for remote attackers to exploit it via cross-site scripting.
How do I fix CVE-2007-1276?
To fix CVE-2007-1276, upgrade to Webmin version 1.330 or later and Usermin version 1.260 or later.
What are the consequences of CVE-2007-1276 being exploited?
If exploited, CVE-2007-1276 can allow attackers to inject arbitrary web scripts or HTML, potentially compromising user data.
Which versions are affected by CVE-2007-1276?
CVE-2007-1276 affects multiple versions of Webmin and Usermin prior to their respective patched releases.
What is Webmin in relation to CVE-2007-1276?
Webmin is a web-based interface for system administration, and CVE-2007-1276 identifies vulnerabilities within its chooser.cgi script.
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/usermin
- canonical/webmin usermin
- version/webmin usermin/1.000
- version/webmin usermin/1.010
- version/webmin usermin/1.020
- version/webmin usermin/1.030
- version/webmin usermin/1.040
- version/webmin usermin/1.051
- version/webmin usermin/1.060
- version/webmin usermin/1.070
- version/webmin usermin/1.080
- version/webmin usermin/1.090
- version/webmin usermin/1.100
- version/webmin usermin/1.110
- version/webmin usermin/1.120
- version/webmin usermin/1.130
- version/webmin usermin/1.140
- version/webmin usermin/1.150
- version/webmin usermin/1.210
- version/webmin usermin/1.220
- version/webmin usermin/1.230
- version/webmin usermin/1.240
- version/webmin usermin/1.250
- vendor/webmin
- canonical/webmin
- version/webmin/1.0.00
- version/webmin/1.0.10
- version/webmin/1.0.20
- version/webmin/1.0.30
- version/webmin/1.0.40
- version/webmin/1.0.50
- version/webmin/1.0.51
- version/webmin/1.0.60
- version/webmin/1.0.70
- version/webmin/1.0.80
- version/webmin/1.0.90
- version/webmin/1.1.00
- version/webmin/1.1.10
- version/webmin/1.1.20
- version/webmin/1.1.21
- version/webmin/1.1.30
- version/webmin/1.1.40
- version/webmin/1.1.50
- version/webmin/1.2.20
- version/webmin/1.2.30
- version/webmin/1.2.40
- version/webmin/1.2.50
- version/webmin/1.3.20