exploitDog

CVE-2023-40985

Опубликовано: 15 сент. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when any file is searched/replaced.

Ссылки

http://webmin.com
Product
https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40985
Exploit
Third Party Advisory
http://webmin.com
Product
https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40985
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webmin:webmin:2.100:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.0026

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-40985

CVSS3: 5.4

debian

больше 2 лет назад

An issue was discovered in Webmin 2.100. The File Manager functionalit ...

GHSA-m8xw-xh7f-gj9q

CVSS3: 5.4

github

больше 2 лет назад

An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when any file is searched/replaced.

EPSS

Процентиль: 49%

0.0026

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79