Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote malicious users to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cpanel cpanel 6.2 |
||
cpanel cpanel 6.4 |
||
cpanel cpanel 6.4.1 |
||
cpanel cpanel 6.4.2 |
||
cpanel cpanel 5.0 |
||
cpanel cpanel 6.4.2_stable_48 |
||
cpanel cpanel 5.3 |
||
cpanel cpanel 6.0 |