CVE-2023-41158

Name of the Vulnerable Software and Affected Versions Usermin version 2.000

Description A Stored Cross-Site Scripting (XSS) issue exists in the MIME type programs tab, allowing remote attackers to inject arbitrary web script or HTML via the description field when creating a new MIME type program.

Recommendations For Usermin version 2.000, consider disabling the MIME type programs tab or restricting access to it until a patch is available to prevent exploitation of the Stored Cross-Site Scripting (XSS) issue. Avoid using the description field in the MIME type programs tab until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.