CVE-2023-38310

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jul 31, 2023

Updated: Aug 4, 2023

CWE ID 79

Summary

CVE-2023-38310 is a newly discovered vulnerability in Webmin 2.021. This issue involves a Stored Cross-Site Scripting (XSS) flaw in the system logs functionality configuration settings. Attackers can exploit this vulnerability by injecting malicious XSS payloads into specific log files' configurations. Consequently, whenever these affected log files are accessed, the attacker's XSS code is executed, posing a significant security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Webmin

Affected Vendors

The Webmin Community

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r_kV1S
https://www.cve.org/CVERecord?id=CVE-2023-38310
https://nvd.nist.gov/vuln/detail/CVE-2023-38310

Back to Vulnerability Database