Intrusion Prevention



This indicates an attack attempt against a Cross Site Scripting vulnerability in cPanel.
The vulnerability is caused by an error when the vulnerable software handles a malicious "fileop" parameter. It allows a remote attacker to execute arbitrary scripts via sending a crafted web request.

Affected Products

cPanel cPanel 11.24.7
cPanel cPanel 11.24.4
cPanel cPanel 11.21 -BETA
cPanel cPanel 11.18.4
cPanel cPanel 11.18.3
cPanel cPanel 11.4.19
cPanel cPanel 11.0
cPanel cPanel 11.18.3-R21703
cPanel cPanel 11 beta
cPanel cPanel 11


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to the latest version, available from the website:

CVE References