Operating System & Version
CentOS v.7.9.2009 Standard virtuozzo
cPanel & WHM Version


May 9, 2022
North Carolina
cPanel Access Level
Root Administrator
My latest PCI Scan is showing some issues. I know three of them are false positives. I am just not sure why they are showing when they have not appeared on previous scans. They may all be false positives.

False Positives (All Port 443):
  1. AgoraCart - agora.cgi cart_Id Parameter XSS (CVE-2001-1199)
  2. Fag-O-Matic fom.cgi Multiple Parameter XSS (CVE-2002-0230 / CVE-2002-2011)
  3. Pinnacle ShowCenter SettingsBase.php Skin Parameter XSS (CVE-2004

1. CPE Based Vulnerabilities for Exim smtpd 4.95 (Port 465 / Port 587) (CVE-2020-28017) . I am running EXIM Version 4.95

2. CGI Generic XSS (comprehensive test) - It is relating to my Woocommerce 'add-to-cart' parameter. I wonder if this also related to what is causing the false positives for the other XSS items.

The remote web server hosts CGI scripts that fail to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. These XSS are likely to be 'non-persistent' or 'reflected'. See also : Cross-site scripting - Wikipedia Results, Unicode Left/Right Pointing Double Angel Quotation Mark The Web Application Security Consortium / Cross Site Scripting

Any assistance would be appreciated.
Last edited by a moderator:


Jurassic Moderator
Staff member
Oct 19, 2014
cPanel Access Level
Root Administrator
Hey there! It also looks like the Exim notification is a false-positive since CVE-2020-28017 only applied to Exim versions 4.94.2 or earlier. Here are some more details on this:

Any cross-site scripting errors would need to be evaluated at the application level, as cPanel and Apache do not have any control over that area of the code.