From: Javier B. <jav...@gm...> - 2011-04-26 15:33:11
Also escape the username in mass_delete_user.cgi (when the enable/disable/delete feature is used). There is no possible exploit scenario there, so no security issue, but there is also no reason to have it unescaped.

On Sat, Apr 23, 2011 at 10:17 PM, Javier Bassi <jav...@gm...> wrote:
> On Sat, Apr 23, 2011 at 10:11 PM, Jamie Cameron <jca...@we...> wrote:
>> Hi Javier,
>>
>> Thanks for reporting this - I hadn't considered this attack
>> vector, as I didn't realize that chfn could be used to modify a user's
>> real name.
>>
>> I have created a fix which you can see at :
>>
>> https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881
>>
>> Also an update for the Users and Groups module can be found at
>> http://www.webmin.com/updates.html , and will be available from within
>> the Webmin UI.
>>
>> - Jamie
>
> Thanks for the fast fix!
>
> Javier
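The issue the thread describes (a real name that an unprivileged user can set with chfn, later rendered unescaped in an admin web UI, and the same pattern for usernames) is illustrated below with an added Python example that is not part of this thread and not Webmin's own Perl code. The passwd lines are constructed sample data, and the function names are assumptions chosen for the example.

```python
import html
from typing import Dict, List

# Constructed /etc/passwd-style sample (not real accounts). The GECOS field
# of the second entry is the kind of value a local user can set with chfn,
# so an admin UI must treat it as untrusted input.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:<script>alert(1)</script>:/home/alice:/bin/bash
bob:x:1001:1001:Bob "The Builder" O'Neil,,,:/home/bob:/bin/sh
"""


def parse_passwd(text: str) -> List[Dict[str, str]]:
    """Split passwd lines into fields; the real name is the first
    comma-separated part of the GECOS field (field 5)."""
    users = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"malformed passwd line: {line!r}")
        name, _pw, uid, gid, gecos, home, shell = fields
        users.append({"user": name, "uid": uid, "gid": gid,
                      "real": gecos.split(",")[0], "home": home,
                      "shell": shell})
    return users


def render_row_unescaped(u: Dict[str, str]) -> str:
    # Unsafe pattern: user-controlled text interpolated straight into HTML.
    return f"<tr><td>{u['user']}</td><td>{u['real']}</td></tr>"


def render_row_escaped(u: Dict[str, str]) -> str:
    # Hardened: every field a user can influence is HTML-escaped before it
    # reaches the page, the username included, even where no exploit is known.
    return "<tr><td>{}</td><td>{}</td></tr>".format(
        html.escape(u["user"], quote=True),
        html.escape(u["real"], quote=True))


def render_table(text: str, escape: bool = True) -> str:
    """Render all accounts as an HTML table, escaped or (for comparison) not."""
    render = render_row_escaped if escape else render_row_unescaped
    return "<table>" + "".join(render(u) for u in parse_passwd(text)) + "</table>"
```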