Security feature bypass

2019-08-0114:15:00

PRIOn knowledge base

www.prio-n.com

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

cPanel before 71.9980.37 allows e-mail injection during cPAddons moderation (SEC-396).

CPENameOperatorVersion
cpanelge69.9999.122
cpanellt70.0.43
cpanelge67.9999.64
cpanellt68.0.39
cpanelge61.9999.55
cpanellt62.0.47

Name	Operator	Version
cpanel	ge	69.9999.122
cpanel	lt	70.0.43
cpanel	ge	67.9999.64
cpanel	lt	68.0.39
cpanel	ge	61.9999.55
cpanel	lt	62.0.47

References

documentation.cpanel.net/display/CL/72+Change+Log

news.cpanel.com/cpanel-tsr-2018-0003-full-disclosure/