2017-12-30 17:00:00
mitre
PUBLISHED
custom/run.cgi in Webmin before 1.870 allows remote authenticated administrators to conduct XSS attacks via the description field in the custom command functionality.