{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Webmin versions ant\u00e9rieures \u00e0 1.296 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Usermin versions ant\u00e9rieures \u00e0 1.226.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 dans le traitement des adresses r\u00e9ticulaires (URL)\npermet de r\u00e9aliser des attaques de type cross-site scripting ou\nd'afficher le code source de certains scripts perl ou CGI.\n\n## Solution\n\nMettre \u00e0 jour en version 1.296 (Webmin) et 1.226 (Usermin). Il s'agit\npour le moment de versions de d\u00e9veloppement (voir Documentation).\n","cves":[{"name":"CVE-2006-4542","url":"https://www.cve.org/CVERecord?id=CVE-2006-4542"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-1199 du 23 octobre 2006 :","url":"http://www.debian.org/security/2006/dsa-1199"},{"title":"Versions de d\u00e9veloppement 1.296 de Webmin et 1.226 de    Usermin :","url":"http://download.webmin.com/devel/tarballs/"}],"reference":"CERTA-2006-AVI-382","revisions":[{"description":"version initiale ;","revision_date":"2006-09-05T00:00:00.000000"},{"description":"ajout du bulletin Debian et de la r\u00e9f\u00e9rence CVE.","revision_date":"2006-10-25T00:00:00.000000"}],"risks":[{"description":"Cross-site scripting"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":null,"title":"Vuln\u00e9rabilit\u00e9 dans Webmin et Usermin","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Webmin","url":"http://www.webmin.com/security.html"}]}