PT-2023-9415 · Webmin+1

Published: 2023-09-21 · Updated: 2025-01-28 · CVE-2023-43309

CVSS v3.1: 4.8 (Medium)

Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions

Webmin versions 2.002 and below

Description

A stored cross-site scripting (XSS) vulnerability allows attackers to run malicious scripts by injecting a specially crafted payload via the Input field of the Cluster Cron Job tab. A remote attacker can exploit this vulnerability to conduct an XSS attack.

Recommendations

For Webmin versions 2.002 and below, as a temporary workaround, consider disabling the Input field of the Cluster Cron Job tab until a patch is available. Restrict access to this field to minimize the risk of exploitation, and avoid using the Cluster Cron Job tab until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

BDU:2024-07425
CVE-2023-43309
ROSA-SA-2025-2650

Affected Products

Red Os
Webmin