You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a malicious payload in the configuration field, triggering the execution of the payload when saving the configuration or when accessing the System Logs Viewer page.
RISK FACTOR: High
Affected Component - configuration settings of the system logs viewer functionality
Procedure for reproducing the issue:
1. Navigate to the "System Logs Viewer" and access the "Configuration" section.
2. Upon saving the changes, an accompanying popup will be triggered.
3. Upon returning to the "System Logs Viewer" and refreshing the page, the popup will reappear consistently, as it is exhibited each time the page loads.