CVE-2018-20921
CVE-2018-20921: cPanel before 70.0.23 allows a stored XSS via the WHM action “Delete a DNS Zone” (SEC-375). The event is triggered by unvalidated data in the DNS zone deletion workflow within WHM. The available documents consistently describe the vulnerability as stored XSS affecting cPanel/WHM p...