{"id":"CVE-2020-35769","details":"miniserv.pl in Webmin 1.962 on Windows mishandles special characters in query arguments to the CGI program.","modified":"2026-03-15T22:36:15.508434Z","published":"2020-12-29T06:15:13.773Z","references":[{"type":"FIX","url":"https://github.com/webmin/webmin/commit/1163f3a7f418f249af64890f4636575e687e9de7#diff-9b33fd8f5603d4f0d1428689bc36f24af4770608a22c0d92b7a8bcc522450dc6"},{"type":"FIX","url":"https://vigilance.fr/vulnerability/Webmin-code-execution-via-miniserv-pl-handle-request-34220"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/webmin/webmin","events":[{"introduced":"0"},{"last_affected":"b6ad8b0f41de1063345f9eb3fcb99f789444ece4"},{"fixed":"1163f3a7f418f249af64890f4636575e687e9de7"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.962"}]}}],"versions":["1.700","1.710","1.720","1.730","1.740","1.750","1.760","1.770","1.780","1.790","1.800","1.801","1.810","1.820","1.830","1.831","1.840","1.850","1.860","1.870","1.880","1.890","1.900","1.910","1.920","1.930","1.940","1.941","1.950","1.951","1.953","1.954","1.955","1.960","1.962"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-35769.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}