exploitDog

CVE-2023-41156

Опубликовано: 14 сент. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter.

Ссылки

https://github.com/shindeanik/Usermin-2.001/blob/main/CVE-2023-41156
Third Party Advisory
https://webmin.com/tags/webmin-changelog/
Release Notes
https://github.com/shindeanik/Usermin-2.001/blob/main/CVE-2023-41156
Third Party Advisory
https://webmin.com/tags/webmin-changelog/
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webmin:usermin:2.001:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.00126

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-c8ff-jp9w-qjg8

CVSS3: 5.4

github

больше 2 лет назад

A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter.

EPSS

Процентиль: 33%

0.00126

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79