First published: Wed Aug 30 2023(Updated: )
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Webmin Webmin | =2.000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-41163 is a Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000.
CVE-2023-41163 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down in Usermin 2.000.
The severity of CVE-2023-41163 is medium with a severity value of 6.1.
To fix CVE-2023-41163 in Usermin, update to a version that is not affected by the vulnerability. Check the official Webmin website for the latest updates.
CWE-79 is a weakness in software that allows an attacker to execute arbitrary code or commands through web scripting.