CVE-2018-20935
CVE-2018-20935 affects cPanel before 70.0.23, enabling stored XSS via the WHM action “Reset a DNS Zone” (SEC-412). Root cause cited as insufficient validation of client-side data. Impact is stored XSS; CVSS metrics in NVD show MEDIUM/LOW levels. A fix is available in or after version 70.0.23 (see...