CVE-2018-20938
CVE-2018-20938 affects cPanel/WHM prior to 68.0.27, where the API calls addpkgext and delpkgext do not enforce ownership during operations. This is described as an ownership enforcement defect in WHM API calls, with a CVSSv3 base score of 2.7 (LOW) and an integrity impact of LOW. The issue is lim...