Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cpanel | Cpanel | 9.1 |
References
- http://marc.info/?l=bugtraq&m=108006627005371&w=2
- http://securitytracker.com/id?1009541Vendor Advisory
- http://www.osvdb.org/4529Vendor Advisory
- http://www.osvdb.org/4530Vendor Advisory
- http://www.securityfocus.com/bid/9965ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15517
- http://marc.info/?l=bugtraq&m=108006627005371&w=2
- http://securitytracker.com/id?1009541Vendor Advisory
- http://www.osvdb.org/4529Vendor Advisory
- http://www.osvdb.org/4530Vendor Advisory
- http://www.securityfocus.com/bid/9965ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15517
FAQ
What is CVE-2004-1849?
CVE-2004-1849 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle paramet...
How severe is CVE-2004-1849?
CVE-2004-1849 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1849?
Check the references section above for vendor advisories and patch information. Affected products include: Cpanel Cpanel.