index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the id parameter to the phpini_editor module or the email_address parameter to the mail_add-new module.
References
Link | Resource |
---|---|
https://www.vulnerability-lab.com/get_content.php?id=1836 | Exploit Third Party Advisory |
Configurations
Information
Published : 2018-01-21 17:29
Updated : 2023-01-24 10:57
NVD link : CVE-2018-5962
Mitre link : CVE-2018-5962
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
control-webpanel
- webpanel