First published: Sat Sep 16 2023(Updated: )
Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Webmin Usermin | =2.000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Usermin vulnerability is CVE-2023-41157.
The severity level of CVE-2023-41157 is medium, with a score of 5.4.
Remote attackers can exploit CVE-2023-41157 by injecting arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab.
Usermin version 2.000 is affected by CVE-2023-41157.
Yes, a fix for CVE-2023-41157 is available. It is recommended to update Usermin to a version that includes the fix.