CVE-2014-3884: XSS
First published: Sun Jul 20 2014(Updated: )
Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Usermin | <=1.590 | |
| Usermin | =0.4 | |
| Usermin | =0.5 | |
| Usermin | =0.6 | |
| Usermin | =0.7 | |
| Usermin | =0.80 | |
| Usermin | =0.90 | |
| Usermin | =0.910 | |
| Usermin | =0.929 | |
| Usermin | =0.930 | |
| Usermin | =0.940 | |
| Usermin | =0.950 | |
| Usermin | =0.960 | |
| Usermin | =0.970 | |
| Usermin | =0.980 | |
| Usermin | =0.990 | |
| Usermin | =1.000 | |
| Usermin | =1.010 | |
| Usermin | =1.020 | |
| Usermin | =1.030 | |
| Usermin | =1.040 | |
| Usermin | =1.050 | |
| Usermin | =1.051 | |
| Usermin | =1.060 | |
| Usermin | =1.070 | |
| Usermin | =1.080 | |
| Usermin | =1.090 | |
| Usermin | =1.100 | |
| Usermin | =1.110 | |
| Usermin | =1.120 | |
| Usermin | =1.130 | |
| Usermin | =1.140 | |
| Usermin | =1.150 | |
| Usermin | =1.160 | |
| Usermin | =1.170 | |
| Usermin | =1.180 | |
| Usermin | =1.190 | |
| Usermin | =1.200 | |
| Usermin | =1.210 | |
| Usermin | =1.220 | |
| Usermin | =1.230 | |
| Usermin | =1.240 | |
| Usermin | =1.250 | |
| Usermin | =1.260 | |
| Usermin | =1.270 | |
| Usermin | =1.280 | |
| Usermin | =1.290 | |
| Usermin | =1.300 | |
| Usermin | =1.310 | |
| Usermin | =1.320 | |
| Usermin | =1.330 | |
| Usermin | =1.340 | |
| Usermin | =1.350 | |
| Usermin | =1.360 | |
| Usermin | =1.370 | |
| Usermin | =1.380 | |
| Usermin | =1.390 | |
| Usermin | =1.400 | |
| Usermin | =1.410 | |
| Usermin | =1.420 | |
| Usermin | =1.430 | |
| Usermin | =1.440 | |
| Usermin | =1.450 | |
| Usermin | =1.460 | |
| Usermin | =1.470 | |
| Usermin | =1.480 | |
| Usermin | =1.490 | |
| Usermin | =1.500 | |
| Usermin | =1.510 | |
| Usermin | =1.520 | |
| Usermin | =1.530 | |
| Usermin | =1.540 | |
| Usermin | =1.550 | |
| Usermin | =1.560 | |
| Usermin | =1.570 | |
| Usermin | =1.580 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-3884?
CVE-2014-3884 has a severity rating that can be classified as medium due to its potential for cross-site scripting attacks.
How do I fix CVE-2014-3884?
To fix CVE-2014-3884, upgrade Usermin to version 1.600 or later.
What types of attacks does CVE-2014-3884 allow?
CVE-2014-3884 allows remote attackers to inject arbitrary web scripts or HTML into affected Usermin applications.
Which versions of Usermin are affected by CVE-2014-3884?
CVE-2014-3884 affects all Usermin versions prior to 1.600.
Is there a workaround for CVE-2014-3884?
There are no specific workarounds for CVE-2014-3884; upgrading to the latest version is the recommended action.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/webmin
- canonical/usermin
- version/usermin/1.590
- version/usermin/0.4
- version/usermin/0.5
- version/usermin/0.6
- version/usermin/0.7
- version/usermin/0.80
- version/usermin/0.90
- version/usermin/0.910
- version/usermin/0.929
- version/usermin/0.930
- version/usermin/0.940
- version/usermin/0.950
- version/usermin/0.960
- version/usermin/0.970
- version/usermin/0.980
- version/usermin/0.990
- version/usermin/1.000
- version/usermin/1.010
- version/usermin/1.020
- version/usermin/1.030
- version/usermin/1.040
- version/usermin/1.050
- version/usermin/1.051
- version/usermin/1.060
- version/usermin/1.070
- version/usermin/1.080
- version/usermin/1.090
- version/usermin/1.100
- version/usermin/1.110
- version/usermin/1.120
- version/usermin/1.130
- version/usermin/1.140
- version/usermin/1.150
- version/usermin/1.160
- version/usermin/1.170
- version/usermin/1.180
- version/usermin/1.190
- version/usermin/1.200
- version/usermin/1.210
- version/usermin/1.220
- version/usermin/1.230
- version/usermin/1.240
- version/usermin/1.250
- version/usermin/1.260
- version/usermin/1.270
- version/usermin/1.280
- version/usermin/1.290
- version/usermin/1.300
- version/usermin/1.310
- version/usermin/1.320
- version/usermin/1.330
- version/usermin/1.340
- version/usermin/1.350
- version/usermin/1.360
- version/usermin/1.370
- version/usermin/1.380
- version/usermin/1.390
- version/usermin/1.400
- version/usermin/1.410
- version/usermin/1.420
- version/usermin/1.430
- version/usermin/1.440
- version/usermin/1.450
- version/usermin/1.460
- version/usermin/1.470
- version/usermin/1.480
- version/usermin/1.490
- version/usermin/1.500
- version/usermin/1.510
- version/usermin/1.520
- version/usermin/1.530
- version/usermin/1.540
- version/usermin/1.550
- version/usermin/1.560
- version/usermin/1.570
- version/usermin/1.580