CVE-2023-38304

An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality, allowing an attacker to store a malicious payload in the Group Name field when creating a new group. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt