SEC-567 Summary URL parameter injection vulnerabilities in multiple interfaces. Security Rating cPanel has assigned this vulnerability a CVSSv3.1 score of 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N Description Many cPanel & WHM interfaces create URIs to other interfaces by incorporating user-supplied data in URI query parameters. Several cPanel & WHM interfaces were using URL encoding …
The post cPanel TSR-2020-0007 Full Disclosure first appeared on cPanel Newsroom.