CVE-2023-52046

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-52046

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52046.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-52046

Published

2024-01-25T21:15:08.730Z

Modified

2026-03-14T12:16:42.283573Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field.

References

https://github.com/Acklee/webadmin_xss/blob/main/xss.md

Affected packages

Git / github.com/webmin/webmin

Affected ranges

Type

GIT

Repo

https://github.com/webmin/webmin

Events

Introduced

Last affected

627a047028076474968a7fad5a144f0ccf581f7e

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.105"
        }
    ]
}

Affected versions

1.*

1.700

1.710

1.720

1.730

1.740

1.750

1.760

1.770

1.780

1.790

1.800

1.801

1.810

1.820

1.830

1.831

1.840

1.850

1.860

1.870

1.880

1.890

1.900

1.910

1.920

1.930

1.940

1.941

1.950

1.951

1.953

1.954

1.955

1.960

1.962

1.970

1.972

1.973

1.974

1.979

1.980

1.982

1.983

1.984

1.990

1.991

1.993

1.994

1.995

1.996

1.997

1.998

1.999

2.*

2.000

2.001

2.003

2.010

2.011

2.012

2.013

2.020

2.021

2.100

2.101

2.102

2.103

2.104

2.105

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52046.json"