Cross site scripting

2019-08-0513:15:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).

CPENameOperatorVersion
cpanelge59.9999.58
cpanellt60.0.25
cpanelge55.9999.61
cpanellt56.0.39
cpanelge57.9999.48
cpanellt58.0.37
cpanelge11.54.0.0
cpanellt11.54.0.33

Name	Operator	Version
cpanel	ge	59.9999.58
cpanel	lt	60.0.25
cpanel	ge	55.9999.61
cpanel	lt	56.0.39
cpanel	ge	57.9999.48
cpanel	lt	58.0.37
cpanel	ge	11.54.0.0
cpanel	lt	11.54.0.33

References

documentation.cpanel.net/display/CL/60+Change+Log

news.cpanel.com/cpanel-tsr-2016-0006-full-disclosure/