Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-wqmw-cmc2-6cf5

Опубликовано: 31 июл. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 6.1

Описание

An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser.

An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser.

Ссылки

EPSS

Процентиль: 60%
0.00405
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2023-38309

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2023-38309

CVSS3: 6.1
nvd
почти 2 года назад

An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser.

debian логотип

CVE-2023-38309

CVSS3: 6.1
debian
почти 2 года назад

An issue was discovered in Webmin 2.021. A Reflected Cross-Site Script ...

fstec логотип

BDU:2023-04470

CVSS3: 5.4
fstec
почти 2 года назад

Уязвимость панели управления хостингом Webmin, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

redos логотип

ROS-20240918-04

CVSS3: 8.8
redos
9 месяцев назад

Множественные уязвимости webmin

EPSS

Процентиль: 60%
0.00405
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2023-38309

Дефекты

CWE-79