Insecure User Account Configuration in cPanel Allows Unauthorized Access to Private Emails (SEC-326)

Insecure User Account Configuration in cPanel Allows Unauthorized Access to Private Emails (SEC-326)

CVE-2017-18393 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326).

Learn more about our User Device Pen Test.