Vulnerabilities > Webmin > Webmin

DATE CVE VULNERABILITY TITLE RISK
2024-01-25 CVE-2023-52046 Cross-site Scripting vulnerability in Webmin
Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field.
network
low complexity
webmin CWE-79
4.8
2023-09-21 CVE-2023-43309 Cross-site Scripting vulnerability in Webmin
There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially crafted payload.
network
low complexity
webmin CWE-79
4.8
2023-09-15 CVE-2023-40983 Cross-site Scripting vulnerability in Webmin 2.100
A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Find in Results file.
network
low complexity
webmin CWE-79
6.1
2023-09-15 CVE-2023-40982 Cross-site Scripting vulnerability in Webmin 2.100
A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter.
network
low complexity
webmin CWE-79
5.4
2023-09-15 CVE-2023-40984 Cross-site Scripting vulnerability in Webmin 2.100
A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Results file.
network
low complexity
webmin CWE-79
5.4
2023-09-15 CVE-2023-40985 Cross-site Scripting vulnerability in Webmin 2.100
An issue was discovered in Webmin 2.100.
network
low complexity
webmin CWE-79
5.4
2023-09-15 CVE-2023-40986 Cross-site Scripting vulnerability in Webmin 2.100
A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field.
network
low complexity
webmin CWE-79
5.4
2023-09-13 CVE-2023-41155 Cross-site Scripting vulnerability in Webmin Usermin and Webmin
A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule.
network
low complexity
webmin CWE-79
5.4
2023-08-30 CVE-2023-41163 Cross-site Scripting vulnerability in Webmin 2.000
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down.
network
low complexity
webmin CWE-79
6.1
2023-07-31 CVE-2023-38303 Cross-site Scripting vulnerability in Webmin 2.021
An issue was discovered in Webmin 2.021.
network
low complexity
webmin CWE-79
5.4