CVE-2023-52046

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-52046

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52046.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-52046

Published

2024-01-25T21:15:08.730Z

Modified

2025-11-15T07:05:18.202852Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field.

References

https://github.com/Acklee/webadmin_xss/blob/main/xss.md

Affected packages

Git / github.com/webmin/webmin

Affected ranges

Type: GIT
Repo: https://github.com/webmin/webmin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

627a047028076474968a7fad5a144f0ccf581f7e

Affected versions

1.*

1.700

1.710

1.720

1.730

1.740

1.750

1.760

1.770

1.780

1.790

1.800

1.801

1.810

1.820

1.830

1.831

1.840

1.850

1.860

1.870

1.880

1.890

1.900

1.910

1.920

1.930

1.940

1.941

1.950

1.951

1.953

1.954

1.955

1.960

1.962

1.970

1.972

1.973

1.974

1.979

1.980

1.982

1.983

1.984

1.990

1.991

1.993

1.994

1.995

1.996

1.997

1.998

1.999

2.*

2.000

2.001

2.003

2.010

2.011

2.012

2.013

2.020

2.021

2.100

2.101

2.102

2.103

2.104

2.105

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52046.json"