CVE-2023-47099: XSS
First published: Tue Oct 31 2023(Updated: )
A Stored Cross-Site Scripting (XSS) vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Virtualmin | =7.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-47099?
The severity of CVE-2023-47099 is medium with a CVSS score of 5.4.
How can remote attackers exploit CVE-2023-47099?
Remote attackers can exploit CVE-2023-47099 by injecting arbitrary web script or HTML via the Description field while creating a Virtual server in Virtualmin 7.7.
What software version is affected by CVE-2023-47099?
CVE-2023-47099 affects Virtualmin 7.7.
Is there a fix for CVE-2023-47099?
Yes, there is a fix available for CVE-2023-47099. Please refer to the provided reference for more information.
What is the Common Weakness Enumeration (CWE) ID for CVE-2023-47099?
The Common Weakness Enumeration (CWE) ID for CVE-2023-47099 is 79.
- agent/type
- agent/first-publish-date
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/virtualmin
- canonical/virtualmin
- version/virtualmin/7.7