CVE-2023-41155

2023-09-1322:15:08

Google

osv.dev

cve-2023-41155

stored cross-site scripting

webmin

usermin

mail forwarding

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

JSON

A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule.

CPENameOperatorVersion
usermineq1.953
usermineq1.790
usermineq1.984
usermineq1.962
usermineq2.000
usermineq1.720
usermineq1.998
usermineq1.996
usermineq1.831
usermineq1.770