CVE-2007-1276

Name of the Vulnerable Software and Affected Versions Webmin versions prior to 1.330 Usermin versions prior to 1.260

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via a crafted filename in the chooser.cgi module.

Recommendations For Webmin versions prior to 1.330, update to version 1.330 or later. For Usermin versions prior to 1.260, update to version 1.260 or later.