{"api_version":"1","generated_at":"2026-04-23T10:43:11+00:00","cve":"CVE-2023-41162","urls":{"html":"https://cve.report/CVE-2023-41162","api":"https://cve.report/api/cve/CVE-2023-41162.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-41162","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-41162"},"summary":{"title":"CVE-2023-41162","description":"A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-09-13 22:15:00","updated_at":"2023-09-19 13:57:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"https://webmin.com/tags/webmin-changelog/","name":"https://webmin.com/tags/webmin-changelog/","refsource":"MISC","tags":[],"title":"webmin-changelog | Webmin","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41162","name":"https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41162","refsource":"MISC","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-41162","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41162","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"41162","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"webmin","cpe5":"usermin","cpe6":"2.000","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-41162","qid":"731091","title":"Webmin Multiple Cross-Site Scripting (XSS) Vulnerabilities"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2023-41162","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://webmin.com/tags/webmin-changelog/","refsource":"MISC","name":"https://webmin.com/tags/webmin-changelog/"},{"refsource":"MISC","name":"https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41162","url":"https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41162"}]}},"nvd":{"publishedDate":"2023-09-13 22:15:00","lastModifiedDate":"2023-09-19 13:57:00","problem_types":["CWE-79"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":2.7}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:webmin:usermin:2.000:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}