### [CVE-2023-43309](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43309)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially crafted payload.

### POC

#### Reference
- https://github.com/TishaManandhar/Webmin_xss_POC/blob/main/XSS

#### Github
No PoCs found on GitHub currently.