cPanel TSR-2023-0001 Full Disclosure

SEC-668

Summary
Beef up filter checking for invalid webmail forwarders.

Security Rating
cPanel has assigned this vulnerability a CVSSv3.1 score of 5.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Description
Placing backslashes before and after a forbidden webmail forwarder word (such as include) allows it to pass the filter. Improve the filter to catch this.

Credits
This issue was discovered by John Lightsey.

Solution
This issue is resolved in the following builds:
11.109.9999.116
11.108.0.13
11.106.0.18
11.102.0.31

SEC-669

Summary
Escape HTML message in cpsrvd's error page.

Security Rating
cPanel has assigned this vulnerability a CVSSv3.1 score of 6.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Description
An invalid webcall ID can contain cross-site scripting content and must be escaped when it is displayed on the cpsrvd error page. Escaping the HTML message in the error page prevents cross-site scripting from this source as well as from any other source that reaches the error page.

Credits
This issue was discovered by two different reporters, Sergey Temnikov and Shubham Shah.
Solution
This issue is resolved in the following builds:
11.109.9999.116
11.108.0.13
11.106.0.18
11.102.0.31
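The following is an added illustration of the SEC-668 fix and is not cPanel's filter code: a check that compares raw input tokens misses a backslash-quoted forbidden word, while a check that first strips the quoting and then matches does not. The forbidden-word list, the backslash-quoting rule and the sample destinations are assumptions constructed for the example.

```python
import re

# Assumption (not from the advisory): a small set of forwarder keywords the
# filter is meant to reject. cPanel's real list is not given on the page.
FORBIDDEN_WORDS = frozenset({"include", "pipe", "save"})


def weak_check(destination: str) -> bool:
    """Illustrative weak filter (not cPanel's code): it compares raw
    whitespace-separated tokens against the list, so a token such as
    '\\include\\' is never recognised. Returns True when the destination
    is accepted."""
    return not any(tok.lower() in FORBIDDEN_WORDS for tok in destination.split())


def canonicalize(destination: str) -> str:
    """Remove backslash quoting so the filter sees the text the mail system
    will act on. Assumption: a backslash quotes the following character.
    Dropping every backslash is the conservative choice for a filter."""
    return destination.replace("\\", "")


def hardened_check(destination: str) -> bool:
    """Reject the forwarder if any forbidden word appears as a whole word in
    the canonical (unquoted) form. Returns True when the destination is
    accepted."""
    canon = canonicalize(destination).lower()
    return not any(
        re.search(r"\b%s\b" % re.escape(word), canon) for word in FORBIDDEN_WORDS
    )


if __name__ == "__main__":
    # Constructed sample destinations, including the quoted form the advisory describes.
    for dest in ("user@example.com", "include", "\\include\\"):
        print(repr(dest), "weak:", weak_check(dest), "hardened:", hardened_check(dest))
```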