CVE-2023-40983

Name of the Vulnerable Software and Affected Versions Webmin version 2.100

Description A reflected cross-site scripting (XSS) issue in the File Manager function allows attackers to execute malicious scripts by injecting a crafted payload into the Find in Results file. This enables the execution of malicious code, potentially leading to unauthorized actions on the affected system.

Recommendations For Webmin version 2.100, consider disabling the File Manager function until a patch is available to prevent exploitation of this issue. Restrict access to the File Manager to minimize the risk of malicious script execution. Avoid using the Find in Results file feature in the File Manager until the issue is resolved.