Reflected Cross-Site Scripting (XSS) Vulnerability in Cloudmin Services Client

Reflected Cross-Site Scripting (XSS) Vulnerability in Cloudmin Services Client

CVE-2023-47096 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A Reflected Cross-Site Scripting (XSS) vulnerability in the Cloudmin Services Client under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Cloudmin services master field.

Learn more about our Web App Pen Testing.