The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585).
References
Link | Resource |
---|---|
https://docs.cpanel.net/changelogs/98-change-log/ | Release Notes Vendor Advisory |
Configurations
History
20 Aug 2021, 20:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:* | |
References | (MISC) https://docs.cpanel.net/changelogs/98-change-log/ - Release Notes, Vendor Advisory | |
CWE | CWE-611 | |
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 7.2 |
11 Aug 2021, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-08-11 23:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-38584
Mitre link : CVE-2021-38584
CVE.ORG link : CVE-2021-38584
JSON object : View
Products Affected
cpanel
- cpanel
CWE
CWE-611
Improper Restriction of XML External Entity Reference