Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
4.3
CVSSv2
CVE-2018-20928
Published: 01/08/2019 Updated: 08/08/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Cpanel
Vulnerability Summary
cPanel prior to 70.0.23 allows stored XSS via the cpaddons vendor interface (SEC-391).
Vulnerable Product
Search on Vulmon
Subscribe to Product
cpanel cpanel
References
CWE-79
https://documentation.cpanel.net/display/CL/70+Change+Log
https://news.cpanel.com/cpanel-tsr-2018-0002-full-disclosure/
https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started