Description
Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html.
Exploits (1)
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15485
Exploit mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/357231
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9853
Scores
EPSS
0.0058
EPSS Percentile
69.2%
Details
Status
published
Products (12)
cpanel/cpanel
5.0
cpanel/cpanel
5.3
cpanel/cpanel
6.0
cpanel/cpanel
6.2
cpanel/cpanel
6.4
cpanel/cpanel
6.4.1
cpanel/cpanel
6.4.2
cpanel/cpanel
6.4.2_stable_48
cpanel/cpanel
7.0
cpanel/cpanel
8.0
... and 2 more
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026