Vulnerabilities > Cpanel > Cgiemail > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-03 CVE-2017-5616 Cross-site Scripting vulnerability in Cpanel Cgiecho and Cgiemail
Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter.
network
low complexity
cpanel CWE-79
6.1
2017-03-03 CVE-2017-5615 Open Redirect vulnerability in Cpanel Cgiecho and Cgiemail
cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.
network
low complexity
cpanel CWE-601
6.1