Stored XSS Vulnerability in Virtualmin 7.7 Create Virtual Server Description Field

Stored XSS Vulnerability in Virtualmin 7.7 Create Virtual Server Description Field

CVE-2023-47099 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A Stored Cross-Site Scripting (XSS) vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server.

Learn more about our Web App Pen Testing.