CVE-2023-41155: XSS
First published: Wed Sep 13 2023(Updated: )
A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Webmin Usermin | =2.000 | |
| Webmin Webmin | =2.000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-41155?
CVE-2023-41155 is a Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000.
How does CVE-2023-41155 affect Webmin and Usermin?
CVE-2023-41155 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule.
What is the severity of CVE-2023-41155?
The severity of CVE-2023-41155 is medium with a CVSS score of 5.4.
How can I fix CVE-2023-41155?
To fix CVE-2023-41155, you can update Webmin and Usermin to the latest version, which includes the necessary security patches.
Are there any references for CVE-2023-41155?
Yes, you can find more information about CVE-2023-41155 on the GitHub repository and Webmin's official website.
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/event
- agent/type
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/webmin
- canonical/webmin usermin
- version/webmin usermin/2.000
- canonical/webmin webmin
- version/webmin webmin/2.000