Stored Cross-Site Scripting (XSS) Vulnerability in Webmin 2.021 System Logs Viewer

Stored Cross-Site Scripting (XSS) Vulnerability in Webmin 2.021 System Logs Viewer

CVE-2023-38311 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a malicious payload in the configuration field, triggering the execution of the payload when saving the configuration or when accessing the System Logs Viewer page.

Learn more about our Web App Pen Testing.