Description
Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Christy Philip Mathew · textwebappsphp
https://www.exploit-db.com/exploits/38153
References (1)
Core 1
Core References
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/38153
Scores
CVSS v3
6.1
EPSS
0.0026
EPSS Percentile
49.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
cpanel/webhost_manager
11.34.0
Published
Jan 27, 2020
Tracked Since
Feb 18, 2026