Bugtraq mailing list archives
cPanel XSS Vulnerability
From: thomas () jsthosting com
Date: 14 Jul 2010 16:38:36 -0000
cPanel 11.25 is vulnerable to an XSS exploit as it fails to clean user-supplied input. All versions prior to 47010 are affected. Please note that whilst this vulnerability is patched in version 47010, 47010 is currently on the bleeding-edge and isn't recommended for the stable environment. Successful exploitation can result in user credentials being taken and being used to gain escalated privileges. References: http://changelog.cpanel.net/?revision=0;tree=;treeview=;show=html;pp=50
Current thread:
- cPanel XSS Vulnerability thomas (Jul 15)