Cpanel 11.X Edit E-mail Cross Site Request Forgery exploit

ASTRAPI

Well-Known Member
Jul 8, 2008
321
0
66
A new exploit is out a few hours ago :(

Cpanel 11.X Edit E-mail Cross Site Request Forgery exploit

How can i protect from this?

I do not use cpanel emails at all as i have only one account and i use a gmail account and not [email protected] account.....

What a user can do with this and how can i identify it?

I am using ssl also on the whm login... Does that helps on this case?

Thank you
 
Last edited:

ASTRAPI

Well-Known Member
Jul 8, 2008
321
0
66
Do i have to use the same setting to prevent this on the new 11.28 also?

Or the new version do not extra settings to prevent this?

Thank you