SEC-584 Summary Information disclosure via weak web stats permissions. Security Rating cPanel has assigned this vulnerability a CVSSv3.1 score of 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Description The processing of web log reports for cPanel accounts used insecure storage locations for the generated files. This allowed other local users to read the log reports. …
The post cPanel TSR 2021-0003 Full Disclosure first appeared on cPanel Newsroom.