{"api_version":"1","generated_at":"2026-04-23T10:43:11+00:00","cve":"CVE-2023-41163","urls":{"html":"https://cve.report/CVE-2023-41163","api":"https://cve.report/api/cve/CVE-2023-41163.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-41163","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-41163"},"summary":{"title":"CVE-2023-41163","description":"A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-08-30 22:15:00","updated_at":"2023-09-05 19:37:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"https://webmin.com/tags/webmin-changelog/","name":"https://webmin.com/tags/webmin-changelog/","refsource":"MISC","tags":[],"title":"webmin-changelog | Webmin","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41163","name":"https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41163","refsource":"MISC","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-41163","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41163","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"41163","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"webmin","cpe5":"webmin","cpe6":"2.000","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-41163","qid":"731091","title":"Webmin Multiple Cross-Site Scripting (XSS) Vulnerabilities"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2023-41163","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://webmin.com/tags/webmin-changelog/","refsource":"MISC","name":"https://webmin.com/tags/webmin-changelog/"},{"refsource":"MISC","name":"https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41163","url":"https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41163"}]}},"nvd":{"publishedDate":"2023-08-30 22:15:00","lastModifiedDate":"2023-09-05 19:37:00","problem_types":["CWE-79"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":2.7}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:webmin:webmin:2.000:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}