CVE-2020-8820

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-8820

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8820.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-8820

Downstream

MGASA-2020-0400

Related

MGASA-2020-0400

Published

2020-10-12T16:15:12.513Z

Modified

2026-04-11T23:13:25.493758Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the Cluster Shell Commands Endpoint. A user may enter any XSS Payload into the Command field and execute it. Then, after revisiting the Cluster Shell Commands Menu, the XSS Payload will be rendered and executed.

References

https://www.webmin.com/security.html

Affected packages

Git / github.com/webmin/webmin

Affected ranges

Type

GIT

Repo

https://github.com/webmin/webmin

Events

Introduced

Last affected

d5227e85afec512718dd77a759a56cd212a15c1c

Database specific

{
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.941"
        }
    ],
    "cpe": "cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*"
}

Affected versions

1.*

1.700

1.710

1.720

1.730

1.740

1.750

1.760

1.770

1.780

1.790

1.800

1.801

1.810

1.820

1.830

1.831

1.840

1.850

1.860

1.870

1.880

1.890

1.900

1.910

1.920

1.930

1.940

1.941

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8820.json"