Stored Cross-Site Scripting (XSS) Vulnerability in Virtualmin 7.7 Server Template Creation

Stored Cross-Site Scripting (XSS) Vulnerability in Virtualmin 7.7 Server Template Creation

CVE-2023-47097 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A Stored Cross-Site Scripting (XSS) vulnerability in the Server Template under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Template name field while creating server templates.

Learn more about our Web App Pen Testing.