Vi39/Webmin-2.100

Releases0

Webmin is a web-based server management control panel for Unix-like systems

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-40983 ↗	Sep 15, 2023Friday, 15 September 2023, 04:15	6.1 MEDIUM	—
A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Find in Results file.
CVE-2023-40982 ↗	Sep 15, 2023Friday, 15 September 2023, 03:15	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter.
CVE-2023-40984 ↗	Sep 15, 2023Friday, 15 September 2023, 01:15	5.4 MEDIUM	—
A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Results file.
CVE-2023-40985 ↗	Sep 15, 2023Friday, 15 September 2023, 01:15	5.4 MEDIUM	—
An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when any file is searched/replaced.
CVE-2023-40986 ↗	Sep 15, 2023Friday, 15 September 2023, 01:15	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field.