CVE-2023-38307

Published July 31st, 2023

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name.

jaysharma786/Webmin-2.021

During my investigation, I have uncovered critical security vulnerabilities within Webmin version 2.021.

GitHub