cPanel Multiple Cross Site Scripting

Service: Web hosting Manager

Vendor: cPanel

Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks

Severity: Medium/High

Details:

cPanel (control panel) is a graphical web-based management tool, designed
to make administration of web sites as easy as possible. cPanel handles
all aspects of website administration in an easy-to-use interface.
The software, which is proprietary, runs on a number of popular RPM-based
Linux distributions, such as SuSE, Fedora, Mandriva, CentOS, Red Hat
Enterprise Linux, and cAos, as well as FreeBSD. cPanel is commonly
accessed on ports 2082 and 2083 (for a SSL version). Authentication is
either via HTTP or web page login. cPanel is prone to cross-site scripting
attacks. This problem is due to a failure in the application to properly
sanitize user-supplied input



Impact:

an attacker can exploit the vulnerable scripts to have arbitrary script
code executed in the browser of an authentified cPanel user in the context
of the website hosting the vulnerable cPanel version. resulting in the
theft of cookie-based authentication giving the attacker full access to
the victim's cPanel account as well as other type of attacks.

 

 

 

 

Top