vendor:
cPanel
by:
5.5
CVSS
MEDIUM
Cross-Site Request Forgery
352
CWE
Product Name: cPanel
Affected Version From: cPanel 11.25
Affected Version To: Other versions may also be affected.
Patch Exists: NO
Related CWE:
CPE: a:cpanel:cpanel:11.25
Platforms Tested:
cPanel Cross-Site Request Forgery Vulnerability
The cPanel software is vulnerable to a cross-site request forgery (CSRF) vulnerability. By exploiting this vulnerability, an attacker can perform certain administrative actions on behalf of the victim, leading to further attacks.
Mitigation:
There is no known mitigation or remediation for this vulnerability. It is recommended to update to the latest version of cPanel to prevent exploitation.