cPanel TSR-2020-0001 Full Disclosure


Phil Hodges

SEC-515 Summary Self-XSS vulnerability via temporary character set specification. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Description cPanel & WHM and its APIs allow you to specify a temporary character set to use for HTTP responses. Most interfaces and APIs do not expect to …

Continue reading...