First published: Thu Aug 01 2019(Updated: )
In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cpanel Cpanel | <70.0.23 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.