cPanel TSR-2018-0004 Full Disclosure

cPanel TSR-2018-0004 Full Disclosure SEC-367 Summary Stored-XSS in WHM File Restoration interface. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 4.6 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Description Filenames containing AngularJS markup were interpolated into angular-growl format strings. These format strings were then interpolated a second time before being used in growl …