Vulnerability in N/a
CVE-2021-31761
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
EPSS: 0.823 (99.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- github.com/webmin/webmin (x_refsource_MISC)
- youtu.be/23VvUMu-28c (x_refsource_MISC)
- github.com/Mesh3l911/CVE-2021-31761 (x_refsource_MISC)
- github.com/electronicbots/CVE-2021-31761 (x_refsource_MISC)
- packetstormsecurity.com/files/163559/Webmin-1.973-Cross-Site-Request-Forgery.ht… (x_refsource_MISC)
Frequently asked questions
- What is CVE-2021-31761?
- CVE-2021-31761 is a vulnerability in N/a. Published 2021-04-25.
- Is CVE-2021-31761 known to be exploited?
- 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.