cPanel before 71.9980.37 allows stored XSS in the WHM cPAddons installation interface (SEC-398).
References
Link | Resource |
---|---|
https://documentation.cpanel.net/display/CL/72+Change+Log | Product Release Notes |
https://news.cpanel.com/cpanel-tsr-2018-0003-full-disclosure/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2019-08-01 07:15
Updated : 2019-08-08 08:55
NVD link : CVE-2018-20899
Mitre link : CVE-2018-20899
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
cpanel
- cpanel