Stored XSS Vulnerability in cPanel's Delete a DNS Zone Action (SEC-375)

CVE-2018-20921 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375).

Learn more about our Web Application Penetration Testing UK.