CVE-2023-47098: XSS
First published: Tue Oct 31 2023(Updated: )
A Stored Cross-Site Scripting (XSS) vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Virtualmin | =7.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-47098?
CVE-2023-47098 is a Stored Cross-Site Scripting (XSS) vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7.
How does the vulnerability CVE-2023-47098 work?
The CVE-2023-47098 vulnerability allows remote attackers to inject arbitrary web script or HTML via the real name or description field in the Manage Extra Admins section of Virtualmin 7.7.
How severe is CVE-2023-47098?
CVE-2023-47098 has a severity rating of medium (4.8).
Which software versions are affected by CVE-2023-47098?
The vulnerability affects Virtualmin 7.7.
How can I fix CVE-2023-47098?
To fix CVE-2023-47098, users should update to a version of Virtualmin that includes the necessary security patches.
- agent/type
- agent/first-publish-date
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/virtualmin
- canonical/virtualmin
- version/virtualmin/7.7