CVE-2014-3884
medium
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
4.3
Description
Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| webmin | usermin | {"endIncluding":"1.590"} | |
| webmin | usermin | 0.4 | |
| webmin | usermin | 0.5 | |
| webmin | usermin | 0.6 | |
| webmin | usermin | 0.7 | |
| webmin | usermin | 0.80 | |
| webmin | usermin | 0.90 | |
| webmin | usermin | 0.910 | |
| webmin | usermin | 0.929 | |
| webmin | usermin | 0.930 | |
| webmin | usermin | 0.940 | |
| webmin | usermin | 0.950 | |
| webmin | usermin | 0.960 | |
| webmin | usermin | 0.970 | |
| webmin | usermin | 0.980 | |
| webmin | usermin | 0.990 | |
| webmin | usermin | 1.000 | |
| webmin | usermin | 1.010 | |
| webmin | usermin | 1.020 | |
| webmin | usermin | 1.030 | |
| webmin | usermin | 1.040 | |
| webmin | usermin | 1.050 | |
| webmin | usermin | 1.051 | |
| webmin | usermin | 1.060 | |
| webmin | usermin | 1.070 | |
| webmin | usermin | 1.080 | |
| webmin | usermin | 1.090 | |
| webmin | usermin | 1.100 | |
| webmin | usermin | 1.110 | |
| webmin | usermin | 1.120 | |
| webmin | usermin | 1.130 | |
| webmin | usermin | 1.140 | |
| webmin | usermin | 1.150 | |
| webmin | usermin | 1.160 | |
| webmin | usermin | 1.170 | |
| webmin | usermin | 1.180 | |
| webmin | usermin | 1.190 | |
| webmin | usermin | 1.200 | |
| webmin | usermin | 1.210 | |
| webmin | usermin | 1.220 | |
| webmin | usermin | 1.230 | |
| webmin | usermin | 1.240 | |
| webmin | usermin | 1.250 | |
| webmin | usermin | 1.260 | |
| webmin | usermin | 1.270 | |
| webmin | usermin | 1.280 | |
| webmin | usermin | 1.290 | |
| webmin | usermin | 1.300 | |
| webmin | usermin | 1.310 | |
| webmin | usermin | 1.320 | |
| webmin | usermin | 1.330 | |
| webmin | usermin | 1.340 | |
| webmin | usermin | 1.350 | |
| webmin | usermin | 1.360 | |
| webmin | usermin | 1.370 | |
| webmin | usermin | 1.380 | |
| webmin | usermin | 1.390 | |
| webmin | usermin | 1.400 | |
| webmin | usermin | 1.410 | |
| webmin | usermin | 1.420 | |
| webmin | usermin | 1.430 | |
| webmin | usermin | 1.440 | |
| webmin | usermin | 1.450 | |
| webmin | usermin | 1.460 | |
| webmin | usermin | 1.470 | |
| webmin | usermin | 1.480 | |
| webmin | usermin | 1.490 | |
| webmin | usermin | 1.500 | |
| webmin | usermin | 1.510 | |
| webmin | usermin | 1.520 | |
| webmin | usermin | 1.530 | |
| webmin | usermin | 1.540 | |
| webmin | usermin | 1.550 | |
| webmin | usermin | 1.560 | |
| webmin | usermin | 1.570 | |
| webmin | usermin | 1.580 | |
References
CWEs
CWE-79
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.