CVE-2018-20895
In cPanel before 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts (SEC-393). The CVE is documented with CVSS v3 base score 7.2 (HIGH) and CVSS v2 base score 6.5 (MEDIUM). There are no exploitation details or remediation steps provided in the connecte...