CVE-2023-29489

🗓️ 27 Apr 2023 00:00:00Reported by AttackerKBType

An XSS vulnerability in cPanel allows arbitrary JavaScript execution without authentication on various webserver ports, including 80 and 443

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 25
GithubExploit	Exploit for Cross-site Scripting in Cpanel	21 Apr 202412:26	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	16 Nov 202320:24	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	23 Jan 202420:29	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	29 Apr 202318:52	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	1 May 202303:29	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	10 Jun 202322:34	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	5 May 202310:45	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	23 Dec 202306:28	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	17 May 202320:46	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Cpanel	22 Jan 202415:54	–	githubexploit

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
forums	www.forums.cpanel.net/threads/cpanel-tsr-2023-0001-full-disclosure.708949/
blog	www.blog.assetnote.io/2023/04/26/xss-million-websites-cpanel/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Apr 2023 00:00Current

5.8Medium risk

Vulners AI Score5.8

CVSS35.3 - 6.1

EPSS0.92851

SSVC