CVE-2023-40982

Name of the Vulnerable Software and Affected Versions Webmin version 2.100

Description A stored cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter. This enables attackers to potentially manipulate the web application's behavior.

Recommendations For Webmin version 2.100, consider disabling the module cloning feature until a patch is available to prevent exploitation of the stored XSS issue. Restrict access to the module name parameter to minimize the risk of malicious payload injection.