2 matches found
CVE-2023-38307
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting XSS vulnerability was discovered in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name...
CVE-2023-38307
Webmin 2.021 contains a Stored XSS in Users and Groups when adding a new user and injecting payload into the real name. Root cause is tied to insufficient protection of the web page structure, enabling an attacker with authenticated access to execute script in victims’ browsers. Exploitation deta...