cPanel.FILEOP.Parameter.Multiple.XSS

description-logoDescription

This indicates an attack attempt against a Cross Site Scripting vulnerability in cPanel.
The vulnerability is caused by an error when the vulnerable software handles a malicious "fileop" parameter. It allows a remote attacker to execute arbitrary scripts via sending a crafted web request.

affected-products-logoAffected Products

cPanel cPanel 11.24.7
cPanel cPanel 11.24.4
cPanel cPanel 11.21 -BETA
cPanel cPanel 11.18.4
cPanel cPanel 11.18.3
cPanel cPanel 11.4.19
cPanel cPanel 11.0
cPanel cPanel 11.18.3-R21703
cPanel cPanel 11 beta
cPanel cPanel 11

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Update to the latest version, available from the website:
http://www.cpanel.net/index.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)