CVE-2021-32160

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT

Description

A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.

Mesh3l911/CVE-2021-32160
Mesh3l911/CVE-2021-32160
Exploiting a Reflected Cross-Site Scripting (XSS) attack to create a privileged user through the Webmin's add users feature then getting a reverse shell through the Webmin's running process feature
GitHubGitHub