cPanel TSR-2018-0003 Full Disclosure

cPanel TSR-2018-0003 Full Disclosure SEC-393 Summary API tokens retain ACLs that are removed from accounts. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 6.4 CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H Description Starting with cPanel & WHM version 68, it became possible to limit the authorizations of a WHM API token to a …