-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 cPanel TSR-2020-0005 Full Disclosure SEC-566 Summary Self-XSS vulnerability in the WHM Edit DNS Zone interface. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Description The return URL argument supplied to the Edit DNS Zone interface was insufficiently validated. This allowed the injection of JavaScript code into the return hyperlink. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.90.0.10 11.88.0.17 11.86.0.27 SEC-568 Summary File overwrite via email quota cache. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Description Cpsrvd periodically updates the email quota cache. When doing this, the cache files are opened and written as the root user. This could potentially be used by an attacker to overwrite files. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.90.0.10 11.88.0.17 11.86.0.27 SEC-569 Summary Self-XSS vulnerabilities in WHM Manage API Tokens interfaces. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Description Error messages displayed in the WHM Manage API Tokens interface were not properly escaped. This allowed the injection of HTML into the rendered page. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.90.0.10 11.88.0.17 11.86.0.27 SEC-573 Summary Self-XSS vulnerability in the cPanel Cron Jobs interface. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Description Settings displayed on the cPanel Cron Jobs interface were not properly escaped. This allowed the injection of HTML into the rendered page. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.90.0.10 11.88.0.17 11.86.0.27 SEC-574 Summary Self-XSS vulnerability in the cPanel Cron Editor interface. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Description Parameters in cron jobs displayed on the cPanel Cron editor interface were not properly escaped. This allowed the injection of HTML into the rendered page. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.90.0.10 11.88.0.17 11.86.0.27 -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAl9o1P4UHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd88uBAAhjzgSRUf1w2NBAmeNUTb+FouW8aT /mxw0E7C12asdJ2T2c2VF6fyaGXRgUBCFyb11hSJx70mnSDRReCTuubV+JN4dcz+ bgDU5TTcNxYSr1SAVAu6Ep+l4vcBadmkrKMbl7LVz8FDD+SxIUYpffV3Az+AmFVZ 8nSRS8umCCpHcOowTAmlBDSbk2ZyOSQE4DPYcpR8VN3wbbIF4khNW8HgDyOXqS1g GIpgzgNcJN4BPCzbFQ5JQdM3xpKKDUiihz8j/GuYke44s9lQa5RYgVfwveEYW4Yg iZtPH78M/n9egkNGgHHmHDEAaKi7cW238f5Nfz+aMI5LVEWs1KpBfGuc8yQe+Tnn CmUdY3Fg2KIWwbMBbLDj7hG2+ZwP7k0U0RwYvFd77f1PYLwmvI6himUgT11pBrbP VskMd1u5PDRJf4uNMZZmjKkWxuPSUJ0GsBjcZfUjbzld2zJS5js/rX95x1rXE4Zy 1ImYKDuXZYCO8JggR6zjsv+Gwzalmp7/27kfpKGVKNNgrFMAfXlxM5tqgrJgiTgd fZhjC501jbJ9CX12J2oBP1bnKu8jGsNbKSRGr2Pjadc9uiHmWZFgNbAnlM5FDP/i 5edoCPhtKM7kvcQtIYyHfQX4pNcxRN3Sui/chJtFwO9IrF1iWTX3C9bLIouWDxeg jtwqc2nc3/pYzfg= =wfMF -----END PGP SIGNATURE-----