Vulnerabilities > Webmin > Webmin > 1.995

DATE CVE VULNERABILITY TITLE RISK
2024-01-25 CVE-2023-52046 Cross-site Scripting vulnerability in Webmin
Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field.
network
low complexity
webmin CWE-79
4.8
2023-09-21 CVE-2023-43309 Cross-site Scripting vulnerability in Webmin
There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially crafted payload.
network
low complexity
webmin CWE-79
4.8
2022-07-27 CVE-2022-36880 Cross-site Scripting vulnerability in Webmin Usermin
The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.
network
webmin CWE-79
4.3
2022-07-25 CVE-2022-36446 Improper Encoding or Escaping of Output vulnerability in Webmin
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
network
low complexity
webmin CWE-116
critical
9.8