CVE-2017-17089

custom/run.cgi in Webmin before 1.870 allows remote authenticated administrators to conduct XSS attacks via the description field in the custom command functionality. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt