cPanel 11.25 cross site scripting

2010.07.19

Credit: none

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

cPanel 11.25 is vulnerable to an XSS exploit as it fails to clean user-supplied input.

All versions prior to 47010 are affected. Please note that whilst this vulnerability is patched in version 47010, 47010 is currently on the bleeding-edge and isn't recommended for the stable environment.

Successful exploitation can result in user credentials being taken and being used to gain escalated privileges.

References: http://changelog.cpanel.net/?revision=0;tree=;treeview=;show=html;pp=50

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

cPanel 11.25 cross site scripting

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

cPanel 11.25 cross site scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.