PT-2002-2397 · Webmin · Webmin

Published 2002-12-31 · Updated 2017-07-11 · CVE-2002-1673

CVSS v2.0: 3.6 (Low)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions

Webmin version 0.92

Description

The issue concerns the web interface of the affected software, which fails to properly quote or filter script code in displayed files. This allows local users to execute script code and potentially steal cookies by inserting the script into specific files or fields, such as a real user name entry in the passwd file.

Recommendations

For Webmin version 0.92, consider restricting access to the web interface until a proper fix is applied, and avoid inserting untrusted data into files or fields that are displayed by the web interface. As a temporary workaround, consider disabling the display of files that may contain script code in the web interface to minimize the risk of exploitation.
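The missing quoting described above, next to its hardened form, with an audit of the real-name field. This is an added example and not Webmin's code (Webmin is written in Perl; Python is used for illustration). The passwd lines and the function names are constructed for the example.

```python
import html

# Constructed sample passwd lines (not from the advisory); the second account's
# real-name (GECOS) field carries markup, as the description warns.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
alice:x:1000:1000:Alice <script>alert(1)</script>:/home/alice:/bin/sh
bob:x:1001:1001:Bob O'Neil & Sons,Room 4:/home/bob:/bin/sh
"""

# Characters that change meaning when placed in HTML text or attributes.
MARKUP_CHARS = set("<>&\"'")


def parse_passwd(text):
    """Yield (login, gecos) pairs, skipping blank, comment and malformed lines."""
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            continue
        yield fields[0], fields[4]


def row_unquoted(login, gecos):
    """The flawed pattern: file content is pasted into the page as-is."""
    return "<tr><td>%s</td><td>%s</td></tr>" % (login, gecos)


def row_quoted(login, gecos):
    """Hardened form: every file-derived value is HTML-encoded on output."""
    return "<tr><td>%s</td><td>%s</td></tr>" % (
        html.escape(login, quote=True), html.escape(gecos, quote=True))


def audit_gecos(text):
    """Return logins whose real-name field contains HTML metacharacters."""
    return [login for login, gecos in parse_passwd(text)
            if MARKUP_CHARS & set(gecos)]


if __name__ == "__main__":
    for login, gecos in parse_passwd(SAMPLE_PASSWD):
        print(row_quoted(login, gecos))
    print("review:", audit_gecos(SAMPLE_PASSWD))
```

The audit flags legitimate names containing `&` or `'` as well, so its output is a review list; encoding on output is what removes the flaw.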

Related Identifiers

CVE-2002-1673

Affected Products

Webmin