CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41156
https://notcve.org/view.php?id=CVE-2023-41156
A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter. Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en la pestaña de filtro y reenvío de correo en Usermin 2.001 permite a atacantes remotos inyectar script web o HTML de su elección a través del campo llamado "guardar en nueva carpeta" mientras crean un nuevo filtro. • https://github.com/shindeanik/Usermin-2.001/blob/main/CVE-2023-41156 https://webmin.com/tags/webmin-changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41160
https://notcve.org/view.php?id=CVE-2023-41160
A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the key name field while adding an authorized key. Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en la pestaña de configuración SSH en Usermin 2.001 permite a los atacantes remotos inyectar scripts web arbitrarios o HTML a través del campo de nombre de clave mientras agregan una clave autorizada. • https://github.com/shindeanik/Usermin-2.001/blob/main/CVE-2023-41160 https://webmin.com/tags/webmin-changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41153
https://notcve.org/view.php?id=CVE-2023-41153
A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via options for the host value while editing the host options. • https://github.com/shindeanik/Usermin-2.001/blob/main/CVE-2023-41153 https://webmin.com/tags/webmin-changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •