cPanel TSR-2023-0001 Full Disclosure

Status
Not open for further replies.

cPanelCory

Release Manager - EasyApache
Staff member
Jan 18, 2008
79
10
133
Houston
cPanel Access Level
Root Administrator
SEC-668


Summary



Beef up filter checking for invalid webmail forwarders.


Security Rating


cPanel has assigned this vulnerability a CVSSv3.1 score of Severity: 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L


Description


Putting back-slashes before and after forbidden webmail forwarder words (such as include) will allow it to go through. Improve the filter to catch this.


Credits


This issue was discovered by John Lightsey.


Solution


This issue is resolved in the following builds:
11.109.9999.116
11.108.0.13
11.106.0.18
11.102.0.31


SEC-669


Summary



Escape HTML message in cpsrvd's error page.


Security Rating


cPanel has assigned this vulnerability a CVSSv3.1 score of 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L


Description


An invalid webcall ID can contain cross-site scripting content and needs to be escaped when displayed on the error page for cpsrvd. By escaping the HTML message in the error page we can prevent cross-site scripting from this source as well as any other source that makes it onto the error page.


Credits


This issue was discovered by two different reporters, Sergey Temnikov and Shubham Shah.


Solution


This issue is resolved in the following builds:
11.109.9999.116
11.108.0.13
11.106.0.18
11.102.0.31


https://news.cpanel.com/wp-content/uploads/2023/02/TSR-2023-0001-Full-Disclosure.signed.txt
 
Status
Not open for further replies.