CVE-2019-12840

In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt