cPanel TSR-2020-0005 Full Disclosure

Status
Not open for further replies.

cPanelPhilH

Community Manager
Staff member
Feb 6, 2019
79
25
93
Houston
cPanel Access Level
Root Administrator
SEC-566
Summary

Self-XSS vulnerability in the WHM Edit DNS Zone interface.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

The return URL argument supplied to the Edit DNS Zone interface was insufficiently validated. This allowed the injection of JavaScript code into the return hyperlink.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.90.0.10
11.88.0.17
11.86.0.27



SEC-568
Summary

File overwrite via email quota cache.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Description

Cpsrvd periodically updates the email quota cache. When doing this, the cache files are opened and written as the root user. This could potentially be used by an attacker to overwrite files.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.90.0.10
11.88.0.17
11.86.0.27



SEC-569
Summary

Self-XSS vulnerabilities in WHM Manage API Tokens interfaces.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

Error messages displayed in the WHM Manage API Tokens interface were not properly escaped. This allowed the injection of HTML into the rendered page.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.90.0.10
11.88.0.17
11.86.0.27



SEC-573
Summary

Self-XSS vulnerability in the cPanel Cron Jobs interface.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

Settings displayed on the cPanel Cron Jobs interface were not properly escaped. This allowed the injection of HTML into the rendered page.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.90.0.10
11.88.0.17
11.86.0.27



SEC-574
Summary

Self-XSS vulnerability in the cPanel Cron Editor interface.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

Parameters in cron jobs displayed on the cPanel Cron editor interface were not properly escaped. This allowed the injection of HTML into the rendered page.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.90.0.10
11.88.0.17
11.86.0.27

For the PGP-signed message, please see TSR-2020-0005.disclosure.signed
 
Status
Not open for further replies.