CVE-2024-36452
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-36452
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36452.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-36452
- Published
- 2024-07-10T07:15:03.103Z
- Modified
- 2025-11-15T20:59:38.741384Z
- Severity
-
- 3.1 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted.
- References
Affected packages
Git / github.com/webmin/webmin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/webmin/webmin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.700
1.710
1.720
1.730
1.740
1.750
1.760
1.770
1.780
1.790
1.800
1.801
1.810
1.820
1.830
1.831
1.840
1.850
1.860
1.870
1.880
1.890
1.900
1.910
1.920
1.930
1.940
1.941
1.950
1.951
1.953
1.954
1.955
1.960
1.962
1.970
1.972
1.973
1.974
1.979
1.980
1.982
1.983
1.984
1.990
1.991
1.993
1.994
1.995
1.996
1.997
1.998
1.999
2.*
2.000
2.001