CVE-2023-40984

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 15, 2023
Updated: Sep 20, 2023
CWE ID 79

Summary

CVE-2023-40984 is a reflected cross-site scripting (XSS) vulnerability affecting Webmin's File Manager function, version 2.100. This issue enables attackers to inject malicious scripts into the Replace in Results file, exploiting the vulnerability to execute malicious code in users' browsers. Successful attacks could lead to data theft or unauthorized system access. Users are urged to update their Webmin installations to a patched version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Webmin

Affected Vendors

  • The Webmin Community