Design/Logic Flaw

2019-08-0119:15:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118).

CPENameOperatorVersion
cpanelge11.54.0.1
cpanellt11.54.0.24
cpanelge55.9999.61
cpanellt56.0.15
cpanelge57.9999.48
cpanellt57.9999.54

Name	Operator	Version
cpanel	ge	11.54.0.1
cpanel	lt	11.54.0.24
cpanel	ge	55.9999.61
cpanel	lt	56.0.15
cpanel	ge	57.9999.48
cpanel	lt	57.9999.54

References

documentation.cpanel.net/display/CL/58+Change+Log

news.cpanel.com/cpanel-tsr-2016-0003-full-disclosure/