cPanel prior to 71.9980.37 allows malicious users to make API calls that bypass the cron feature restriction (SEC-427).
cpanel cpanel