SEC-566 Summary Self-XSS vulnerability in the WHM Edit DNS Zone interface. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Description The return URL argument supplied to the Edit DNS Zone interface was insufficiently validated. This allowed the injection of JavaScript code into the return hyperlink. …
The post cPanel TSR-2020-0005 Full Disclosure first appeared on cPanel Newsroom.