HTTP: cPanel ErrorPage Webcall ID Reflected Cross-Site Scripting

This signature detects attempts to exploit a known cross-site scripting vulnerability against cpanel. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Extended Description

An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.

Affected Products

Cpanel cpanel

References

CVE: CVE-2023-29489

Short Name
HTTP:XSS:CPANEL-WEBCALL-XSS
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2023-29489 Cross-Site ErrorPage ID Reflected Scripting Webcall cPanel
Release Date
05/16/2023
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3598
False Positive
Unknown
Vendors

Cpanel

Found a potential security threat?