Vulnerabilities > CVE-2017-18438 - XXE vulnerability in Cpanel

047910
CVSS 6.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
LOW
network
low complexity
cpanel
CWE-611
NVD
Published: 2019-08-02
Updated: 2024-11-21

Summary

cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242).

Vulnerable Configurations

Part Description Count
Application
Cpanel
216

Common Weakness Enumeration (CWE)

References