Webmin and Usermin are prone to an unspecified information-disclosure vulnerability. This issue is due to a failure in the applications to properly sanitize user-supplied input.
An attacker can exploit this issue to retrieve potentially sensitive information.
Webmin before 1.290
Usermin before 1.220
Sensitive information disclosure
The vendor has released Usermin 1.220 and Webmin 1.290 to address this issue.