Snippet Sammlung
CVE-2019-10893 (centos_web_panel) - Druckversion

+- Snippet Sammlung (
+-- Forum: Sicherheits Forum (
+--- Forum: CVE (
+--- Thema: CVE-2019-10893 (centos_web_panel) (/showthread.php?tid=8669)

CVE-2019-10893 (centos_web_panel) - R2D2 - 20.04.2019

CVE-2019-10893 (centos_web_panel) (aka CWP) CentOS Web Panel (Free/Open Source Version) and (Pro) is vulnerable to Stored/Persistent XSS for Admin Email fields on the "CWP Settings > "Edit Settings" screen. By changing the email ID to any XSS Payload and clicking on Save Changes, the XSS Payload will execute.