Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cpanel | Cpanel | 10.9.0_r50 (including) | 10.9.0_r50 (including) |