Vulnerabilities > Cpanel > Cgiemail > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-03 | CVE-2017-5616 | Cross-site Scripting vulnerability in Cpanel Cgiecho and Cgiemail Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter. | 4.3 |
| 2017-03-03 | CVE-2017-5615 | Open Redirect vulnerability in Cpanel Cgiecho and Cgiemail cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location. | 5.8 |
| 2017-03-03 | CVE-2017-5613 | Use of Externally-Controlled Format String vulnerability in Cpanel Cgiecho and Cgiemail Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file. | 6.8 |