An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser.
History

Tue, 22 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-07-31T00:00:00

Updated: 2024-10-22T17:49:35.023Z

Reserved: 2023-07-14T00:00:00

Link: CVE-2023-38309

cve-icon Vulnrichment

Updated: 2024-08-02T17:39:12.681Z

cve-icon NVD

Status : Modified

Published: 2023-07-31T15:15:10.847

Modified: 2024-11-21T08:13:17.847

Link: CVE-2023-38309

cve-icon Redhat

No data.