exploitDog

CVE-2023-41159

Опубликовано: 14 сент. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A Stored Cross-Site Scripting (XSS) vulnerability while editing the autoreply file page in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML by editing the forward file manually.

Ссылки

https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41159
Third Party Advisory
https://webmin.com/tags/webmin-changelog/
Release Notes
https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41159
Third Party Advisory
https://webmin.com/tags/webmin-changelog/
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webmin:usermin:2.000:*:*:*:*:*:*:*

EPSS

Процентиль: 28%

0.00096

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-27g2-x7r5-jm53

CVSS3: 5.4

github

почти 2 года назад

A Stored Cross-Site Scripting (XSS) vulnerability while editing the autoreply file page in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML by editing the forward file manually.

EPSS

Процентиль: 28%

0.00096

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79