CVE-2014-3884 Detail

CVE-2014-3884

CVE Descriptions

Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	4.3		AV:N/AC:M/Au:N/C:N/I:P/A:N	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Products Mentioned

Configuraton 0

Webmin>>Usermin >> Version To (including) 1.590

Webmin>>Usermin >> Version 0.4 (Open CPE detail)
Webmin>>Usermin >> Version 0.5 (Open CPE detail)
Webmin>>Usermin >> Version 0.6 (Open CPE detail)
Webmin>>Usermin >> Version 0.7 (Open CPE detail)
Webmin>>Usermin >> Version 0.80 (Open CPE detail)
Webmin>>Usermin >> Version 0.90 (Open CPE detail)
Webmin>>Usermin >> Version 0.910 (Open CPE detail)
Webmin>>Usermin >> Version 0.929 (Open CPE detail)
Webmin>>Usermin >> Version 0.930 (Open CPE detail)
Webmin>>Usermin >> Version 0.940 (Open CPE detail)
Webmin>>Usermin >> Version 0.950 (Open CPE detail)
Webmin>>Usermin >> Version 0.960 (Open CPE detail)
Webmin>>Usermin >> Version 0.970 (Open CPE detail)
Webmin>>Usermin >> Version 0.980 (Open CPE detail)
Webmin>>Usermin >> Version 0.990 (Open CPE detail)
Webmin>>Usermin >> Version 1.000 (Open CPE detail)
Webmin>>Usermin >> Version 1.010 (Open CPE detail)
Webmin>>Usermin >> Version 1.020 (Open CPE detail)
Webmin>>Usermin >> Version 1.030 (Open CPE detail)
Webmin>>Usermin >> Version 1.040 (Open CPE detail)
Webmin>>Usermin >> Version 1.050 (Open CPE detail)
Webmin>>Usermin >> Version 1.051 (Open CPE detail)
Webmin>>Usermin >> Version 1.060 (Open CPE detail)
Webmin>>Usermin >> Version 1.070 (Open CPE detail)
Webmin>>Usermin >> Version 1.080 (Open CPE detail)
Webmin>>Usermin >> Version 1.090 (Open CPE detail)
Webmin>>Usermin >> Version 1.100 (Open CPE detail)
Webmin>>Usermin >> Version 1.110 (Open CPE detail)
Webmin>>Usermin >> Version 1.120 (Open CPE detail)
Webmin>>Usermin >> Version 1.130 (Open CPE detail)
Webmin>>Usermin >> Version 1.140 (Open CPE detail)
Webmin>>Usermin >> Version 1.150 (Open CPE detail)
Webmin>>Usermin >> Version 1.160 (Open CPE detail)
Webmin>>Usermin >> Version 1.170 (Open CPE detail)
Webmin>>Usermin >> Version 1.180 (Open CPE detail)
Webmin>>Usermin >> Version 1.190 (Open CPE detail)
Webmin>>Usermin >> Version 1.200 (Open CPE detail)
Webmin>>Usermin >> Version 1.210 (Open CPE detail)
Webmin>>Usermin >> Version 1.220 (Open CPE detail)
Webmin>>Usermin >> Version 1.230 (Open CPE detail)
Webmin>>Usermin >> Version 1.240 (Open CPE detail)
Webmin>>Usermin >> Version 1.250 (Open CPE detail)
Webmin>>Usermin >> Version 1.260 (Open CPE detail)
Webmin>>Usermin >> Version 1.270 (Open CPE detail)
Webmin>>Usermin >> Version 1.280 (Open CPE detail)
Webmin>>Usermin >> Version 1.290 (Open CPE detail)
Webmin>>Usermin >> Version 1.300 (Open CPE detail)
Webmin>>Usermin >> Version 1.310 (Open CPE detail)
Webmin>>Usermin >> Version 1.320 (Open CPE detail)
Webmin>>Usermin >> Version 1.330 (Open CPE detail)
Webmin>>Usermin >> Version 1.340 (Open CPE detail)
Webmin>>Usermin >> Version 1.350 (Open CPE detail)
Webmin>>Usermin >> Version 1.360 (Open CPE detail)
Webmin>>Usermin >> Version 1.370 (Open CPE detail)
Webmin>>Usermin >> Version 1.380 (Open CPE detail)
Webmin>>Usermin >> Version 1.390 (Open CPE detail)
Webmin>>Usermin >> Version 1.400 (Open CPE detail)
Webmin>>Usermin >> Version 1.410 (Open CPE detail)
Webmin>>Usermin >> Version 1.420 (Open CPE detail)
Webmin>>Usermin >> Version 1.430 (Open CPE detail)
Webmin>>Usermin >> Version 1.440 (Open CPE detail)
Webmin>>Usermin >> Version 1.450 (Open CPE detail)
Webmin>>Usermin >> Version 1.460 (Open CPE detail)
Webmin>>Usermin >> Version 1.470 (Open CPE detail)
Webmin>>Usermin >> Version 1.480 (Open CPE detail)
Webmin>>Usermin >> Version 1.490 (Open CPE detail)
Webmin>>Usermin >> Version 1.500 (Open CPE detail)
Webmin>>Usermin >> Version 1.510 (Open CPE detail)
Webmin>>Usermin >> Version 1.520 (Open CPE detail)
Webmin>>Usermin >> Version 1.530 (Open CPE detail)
Webmin>>Usermin >> Version 1.540 (Open CPE detail)
Webmin>>Usermin >> Version 1.550 (Open CPE detail)
Webmin>>Usermin >> Version 1.560 (Open CPE detail)
Webmin>>Usermin >> Version 1.570 (Open CPE detail)
Webmin>>Usermin >> Version 1.580 (Open CPE detail)
Webmin>>Usermin >> Version 1.590 (Open CPE detail)

Webmin>>Usermin >> Version 0.4

Webmin>>Usermin >> Version 0.4 (Open CPE detail)

Webmin>>Usermin >> Version 0.5

Webmin>>Usermin >> Version 0.5 (Open CPE detail)

Webmin>>Usermin >> Version 0.6

Webmin>>Usermin >> Version 0.6 (Open CPE detail)

Webmin>>Usermin >> Version 0.7

Webmin>>Usermin >> Version 0.7 (Open CPE detail)

Webmin>>Usermin >> Version 0.80

Webmin>>Usermin >> Version 0.80 (Open CPE detail)

Webmin>>Usermin >> Version 0.90

Webmin>>Usermin >> Version 0.90 (Open CPE detail)

Webmin>>Usermin >> Version 0.910

Webmin>>Usermin >> Version 0.910 (Open CPE detail)

Webmin>>Usermin >> Version 0.929

Webmin>>Usermin >> Version 0.929 (Open CPE detail)

Webmin>>Usermin >> Version 0.930

Webmin>>Usermin >> Version 0.930 (Open CPE detail)

Webmin>>Usermin >> Version 0.940

Webmin>>Usermin >> Version 0.940 (Open CPE detail)

Webmin>>Usermin >> Version 0.950

Webmin>>Usermin >> Version 0.950 (Open CPE detail)

Webmin>>Usermin >> Version 0.960

Webmin>>Usermin >> Version 0.960 (Open CPE detail)

Webmin>>Usermin >> Version 0.970

Webmin>>Usermin >> Version 0.970 (Open CPE detail)

Webmin>>Usermin >> Version 0.980

Webmin>>Usermin >> Version 0.980 (Open CPE detail)

Webmin>>Usermin >> Version 0.990

Webmin>>Usermin >> Version 0.990 (Open CPE detail)

Webmin>>Usermin >> Version 1.000

Webmin>>Usermin >> Version 1.000 (Open CPE detail)

Webmin>>Usermin >> Version 1.010

Webmin>>Usermin >> Version 1.010 (Open CPE detail)

Webmin>>Usermin >> Version 1.020

Webmin>>Usermin >> Version 1.020 (Open CPE detail)

Webmin>>Usermin >> Version 1.030

Webmin>>Usermin >> Version 1.030 (Open CPE detail)

Webmin>>Usermin >> Version 1.040

Webmin>>Usermin >> Version 1.040 (Open CPE detail)

Webmin>>Usermin >> Version 1.050

Webmin>>Usermin >> Version 1.050 (Open CPE detail)

Webmin>>Usermin >> Version 1.051

Webmin>>Usermin >> Version 1.051 (Open CPE detail)

Webmin>>Usermin >> Version 1.060

Webmin>>Usermin >> Version 1.060 (Open CPE detail)

Webmin>>Usermin >> Version 1.070

Webmin>>Usermin >> Version 1.070 (Open CPE detail)

Webmin>>Usermin >> Version 1.080

Webmin>>Usermin >> Version 1.080 (Open CPE detail)

Webmin>>Usermin >> Version 1.090

Webmin>>Usermin >> Version 1.090 (Open CPE detail)

Webmin>>Usermin >> Version 1.100

Webmin>>Usermin >> Version 1.100 (Open CPE detail)

Webmin>>Usermin >> Version 1.110

Webmin>>Usermin >> Version 1.110 (Open CPE detail)

Webmin>>Usermin >> Version 1.120

Webmin>>Usermin >> Version 1.120 (Open CPE detail)

Webmin>>Usermin >> Version 1.130

Webmin>>Usermin >> Version 1.130 (Open CPE detail)

Webmin>>Usermin >> Version 1.140

Webmin>>Usermin >> Version 1.140 (Open CPE detail)

Webmin>>Usermin >> Version 1.150

Webmin>>Usermin >> Version 1.150 (Open CPE detail)

Webmin>>Usermin >> Version 1.160

Webmin>>Usermin >> Version 1.160 (Open CPE detail)

Webmin>>Usermin >> Version 1.170

Webmin>>Usermin >> Version 1.170 (Open CPE detail)

Webmin>>Usermin >> Version 1.180

Webmin>>Usermin >> Version 1.180 (Open CPE detail)

Webmin>>Usermin >> Version 1.190

Webmin>>Usermin >> Version 1.190 (Open CPE detail)

Webmin>>Usermin >> Version 1.200

Webmin>>Usermin >> Version 1.200 (Open CPE detail)

Webmin>>Usermin >> Version 1.210

Webmin>>Usermin >> Version 1.210 (Open CPE detail)

Webmin>>Usermin >> Version 1.220

Webmin>>Usermin >> Version 1.220 (Open CPE detail)

Webmin>>Usermin >> Version 1.230

Webmin>>Usermin >> Version 1.230 (Open CPE detail)

Webmin>>Usermin >> Version 1.240

Webmin>>Usermin >> Version 1.240 (Open CPE detail)

Webmin>>Usermin >> Version 1.250

Webmin>>Usermin >> Version 1.250 (Open CPE detail)

Webmin>>Usermin >> Version 1.260

Webmin>>Usermin >> Version 1.260 (Open CPE detail)

Webmin>>Usermin >> Version 1.270

Webmin>>Usermin >> Version 1.270 (Open CPE detail)

Webmin>>Usermin >> Version 1.280

Webmin>>Usermin >> Version 1.280 (Open CPE detail)

Webmin>>Usermin >> Version 1.290

Webmin>>Usermin >> Version 1.290 (Open CPE detail)

Webmin>>Usermin >> Version 1.300

Webmin>>Usermin >> Version 1.300 (Open CPE detail)

Webmin>>Usermin >> Version 1.310

Webmin>>Usermin >> Version 1.310 (Open CPE detail)

Webmin>>Usermin >> Version 1.320

Webmin>>Usermin >> Version 1.320 (Open CPE detail)

Webmin>>Usermin >> Version 1.330

Webmin>>Usermin >> Version 1.330 (Open CPE detail)

Webmin>>Usermin >> Version 1.340

Webmin>>Usermin >> Version 1.340 (Open CPE detail)

Webmin>>Usermin >> Version 1.350

Webmin>>Usermin >> Version 1.350 (Open CPE detail)

Webmin>>Usermin >> Version 1.360

Webmin>>Usermin >> Version 1.360 (Open CPE detail)

Webmin>>Usermin >> Version 1.370

Webmin>>Usermin >> Version 1.370 (Open CPE detail)

Webmin>>Usermin >> Version 1.380

Webmin>>Usermin >> Version 1.380 (Open CPE detail)

Webmin>>Usermin >> Version 1.390

Webmin>>Usermin >> Version 1.390 (Open CPE detail)

Webmin>>Usermin >> Version 1.400

Webmin>>Usermin >> Version 1.400 (Open CPE detail)

Webmin>>Usermin >> Version 1.410

Webmin>>Usermin >> Version 1.410 (Open CPE detail)

Webmin>>Usermin >> Version 1.420

Webmin>>Usermin >> Version 1.420 (Open CPE detail)

Webmin>>Usermin >> Version 1.430

Webmin>>Usermin >> Version 1.430 (Open CPE detail)

Webmin>>Usermin >> Version 1.440

Webmin>>Usermin >> Version 1.440 (Open CPE detail)

Webmin>>Usermin >> Version 1.450

Webmin>>Usermin >> Version 1.450 (Open CPE detail)

Webmin>>Usermin >> Version 1.460

Webmin>>Usermin >> Version 1.460 (Open CPE detail)

Webmin>>Usermin >> Version 1.470

Webmin>>Usermin >> Version 1.470 (Open CPE detail)

Webmin>>Usermin >> Version 1.480

Webmin>>Usermin >> Version 1.480 (Open CPE detail)

Webmin>>Usermin >> Version 1.490

Webmin>>Usermin >> Version 1.490 (Open CPE detail)

Webmin>>Usermin >> Version 1.500

Webmin>>Usermin >> Version 1.500 (Open CPE detail)

Webmin>>Usermin >> Version 1.510

Webmin>>Usermin >> Version 1.510 (Open CPE detail)

Webmin>>Usermin >> Version 1.520

Webmin>>Usermin >> Version 1.520 (Open CPE detail)

Webmin>>Usermin >> Version 1.530

Webmin>>Usermin >> Version 1.530 (Open CPE detail)

Webmin>>Usermin >> Version 1.540

Webmin>>Usermin >> Version 1.540 (Open CPE detail)

Webmin>>Usermin >> Version 1.550

Webmin>>Usermin >> Version 1.550 (Open CPE detail)

Webmin>>Usermin >> Version 1.560

Webmin>>Usermin >> Version 1.560 (Open CPE detail)

Webmin>>Usermin >> Version 1.570

Webmin>>Usermin >> Version 1.570 (Open CPE detail)

Webmin>>Usermin >> Version 1.580

Webmin>>Usermin >> Version 1.580 (Open CPE detail)

References

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000058
Tags : third-party-advisory, x_refsource_JVNDB

http://jvn.jp/en/jp/JVN92737498/index.html
Tags : third-party-advisory, x_refsource_JVN

CVE-2014-3884 : Detail