CVE-2023-41163: XSS
First published: Wed Aug 30 2023(Updated: )
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Webmin Webmin | =2.000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-41163?
CVE-2023-41163 is a Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000.
How does CVE-2023-41163 affect Usermin?
CVE-2023-41163 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down in Usermin 2.000.
What is the severity of CVE-2023-41163?
The severity of CVE-2023-41163 is medium with a severity value of 6.1.
How can I fix CVE-2023-41163 in Usermin?
To fix CVE-2023-41163 in Usermin, update to a version that is not affected by the vulnerability. Check the official Webmin website for the latest updates.
What is CWE-79?
CWE-79 is a weakness in software that allows an attacker to execute arbitrary code or commands through web scripting.
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/tags
- agent/type
- agent/event
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- vendor/webmin
- canonical/webmin webmin
- version/webmin webmin/2.000