3 matches found
CVE-2018-20950
cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer SEC-386...
CVE-2018-20950
cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer SEC-386...
CVE-2018-20950
CVE-2018-20950 affects cPanel before version 68.0.27, allowing a self-stored XSS in WHM Account Transfer (SEC-386). The vulnerability stems from insufficient input validation in the transfer workflow, enabling an attacker to inject and execute client-side script. Impact is limited to cross-site s...