PT-2024-5735 · Webmin+1

Toshitsugu Yoneyama · Published 2024-07-09 · Updated 2025-10-08 · CVE-2024-36452

CVSS v3.1: 3.1 (Low)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Webmin versions prior to 2.003

Description: A cross-site request forgery vulnerability exists in the ajaxterm module. If exploited, unintended operations may be performed when a user views a malicious page while logged in, potentially allowing data within the system to be read, a webpage to be altered, or a server to be permanently halted.

Recommendations: For versions prior to 2.003, update to version 2.003 or later to resolve the issue. As a temporary workaround, consider disabling the ajaxterm module until a patch is available. Restrict access to the ajaxterm module to minimize the risk of exploitation.

Fix

CSRF

Weakness Enumeration

Related Identifiers

BDU:2024-06448
CVE-2024-36452

Affected Products

Red Os
Webmin