Format string

2019-08-0213:15:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.6%

cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).

CPENameOperatorVersion
cpanelge63.9999.74
cpanellt64.0.42
cpanelge65.9999.38
cpanellt66.0.34
cpanelge67.9999.64
cpanellt68.0.15

Name	Operator	Version
cpanel	ge	63.9999.74
cpanel	lt	64.0.42
cpanel	ge	65.9999.38
cpanel	lt	66.0.34
cpanel	ge	67.9999.64
cpanel	lt	68.0.15

References

documentation.cpanel.net/display/CL/68+Change+Log

news.cpanel.com/cpanel-tsr-2017-0006-full-disclosure/