cPanel prior to 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).
cpanel cpanel