Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-38309

Опубликовано: 31 июл. 2023
Источник: debian
EPSS Низкий

Описание

An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
webminremovedpackage

EPSS

Процентиль: 60%
0.00405
Низкий

Связанные уязвимости

nvd логотип

CVE-2023-38309

CVSS3: 6.1
nvd
почти 2 года назад

An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser.

github логотип

GHSA-wqmw-cmc2-6cf5

CVSS3: 6.1
github
почти 2 года назад

An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser.

fstec логотип

BDU:2023-04470

CVSS3: 5.4
fstec
почти 2 года назад

Уязвимость панели управления хостингом Webmin, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

redos логотип

ROS-20240918-04

CVSS3: 8.8
redos
9 месяцев назад

Множественные уязвимости webmin

EPSS

Процентиль: 60%
0.00405
Низкий