CVE-2023-47096: XSS
First published: Tue Oct 31 2023(Updated: )
A Reflected Cross-Site Scripting (XSS) vulnerability in the Cloudmin Services Client under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Cloudmin services master field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Virtualmin | =7.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-47096?
The severity of CVE-2023-47096 is medium, with a CVSS score of 5.4.
What is the description of CVE-2023-47096?
CVE-2023-47096 is a Reflected Cross-Site Scripting (XSS) vulnerability in the Cloudmin Services Client under System Setting in Virtualmin 7.7 that allows remote attackers to inject arbitrary web script or HTML via the Cloudmin services master field.
How does CVE-2023-47096 impact Virtualmin 7.7?
CVE-2023-47096 allows remote attackers to inject arbitrary web script or HTML into Virtualmin 7.7 via the Cloudmin services master field.
What is the Common Weakness Enumeration (CWE) ID for CVE-2023-47096?
The CWE ID for CVE-2023-47096 is CWE-79.
Is there a fix available for CVE-2023-47096?
At the moment, there is no fix available for CVE-2023-47096. It is recommended to follow the vendor's advisory for any updates or patches.
- agent/type
- agent/first-publish-date
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/virtualmin
- canonical/virtualmin
- version/virtualmin/7.7