CVE-2023-41152

Name of the Vulnerable Software and Affected Versions Usermin version 2.000 Webmin and Usermin version 2.000

Description A Stored Cross-Site Scripting (XSS) issue exists in the MIME type programs tab, allowing remote attackers to inject arbitrary web script or HTML via the handle program field while creating a new MIME type program.

Recommendations For Usermin version 2.000, consider disabling the MIME type programs tab until a patch is available. For Webmin and Usermin version 2.000, restrict access to the MIME type programs tab to minimize the risk of exploitation. Avoid using the handle program field in the affected MIME type programs tab until the issue is resolved.