vendor:
Cpanel
by:
Mon7rF
5.5
CVSS
MEDIUM
Cross Site Request Forgery
352
CWE
Product Name: Cpanel
Affected Version From: Cpanel version 11.X
Affected Version To: Cpanel version 11.X
Patch Exists:
Related CWE:
CPE:
Platforms Tested: Windows 7
2010
Cpanel 11.X Edit E-mail Cross Site Request Forgery exploit
This exploit allows an attacker to perform unauthorized actions on behalf of a user by tricking them into clicking a specially crafted link or visiting a malicious website. In this case, the exploit targets the Cpanel 11.X Edit E-mail feature.
Mitigation:
To mitigate this vulnerability, users should be cautious when clicking on links or visiting websites, especially when prompted to enter sensitive information or perform actions that they did not initiate.