Lucene search
MitreCVELIST:CVE-2023-29489HistoryApr 27, 2023 - 12:00 a.m.
CVE-2023-29489
2023-04-2700:00:00
mitre
www.cve.org
1
cpanel
xss
vulnerability
cve-2023-29489
webcall
error page
fixed versions
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0.004 Low
EPSS
Percentile
73.4%
An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
Related
prion
prion
Design/Logic Flaw
2023-04-27 21:15:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Cpanel
2024-05-30 07:20:09
Exploit for Cross-site Scripting in Cpanel
2023-10-17 11:18:53
Exploit for Cross-site Scripting in Cpanel
2023-08-04 22:21:57
attackerkb
attackerkb
CVE-2023-29489
2023-04-27 00:00:00
nvd
nvd
CVE-2023-29489
2023-04-27 21:15:10
hackerone
hackerone
cve
cve
CVE-2023-29489
2023-04-27 21:15:10
nuclei
nuclei
cPanel < 11.109.9999.116 - Cross-Site Scripting
2023-04-27 01:00:20
thn
thn
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0.004 Low
EPSS
Percentile
73.4%
Related for CVELIST:CVE-2023-29489