|
Description
|
|
Multiple vulnerabilities were identified in cPanel, which may be exploited by attackers to execute arbitrary scripting code. These flaws are due to input validation errors in the "webmailaging.cgi", "frontend/xcontroller/editquota.html", "frontend/xcontroller/dodelpop.html", "frontend/xcontroller/diskusage.html", "frontend/xcontroller/stats/detailbw.html" and "mime/handle.html" scripts that do not properly validate the "numdays", "email", "showtree", "target", "domain", "year", "mon", "extension" and "mime-type" parameters, which could be exploited by attackers to cause malicious scripting code to be executed by the user's browser in the security context of an affected Web site.
|
