cPanel 11.25 is vulnerable to cross-site scripting (XSS) because it fails to sanitize user-supplied input.
All versions prior to 47010 are affected. Please note that whilst this vulnerability is patched in version 47010, that version is currently bleeding-edge and isn't recommended for stable environments.
Successful exploitation can result in user credentials being stolen and used to gain escalated privileges.
References: http://changelog.cpanel.net/?revision=0;tree=;treeview=;show=html;pp=50