CVE-2023-38310

Name of the Vulnerable Software and Affected Versions Webmin version 2.021

Description The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability in the configuration settings of the system logs functionality. This vulnerability allows an attacker to store an XSS payload in the configuration settings of specific log files, resulting in the execution of that payload whenever the affected log files are accessed.

Recommendations For Webmin version 2.021, consider disabling access to the system logs functionality until a patch is available. Restrict access to the configuration settings of specific log files to minimize the risk of exploitation. Avoid using the affected log files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.