Wes Wright

Researcher fromDigital Defense, Inc.

#22203of 53,632

10.2Total CVSS

Vulnerabilities · 2

Medium

2

Cpanel · Cpanel · CVE-2020-29135

**Name of the Vulnerable Software and Affected Versions** cPanel versions prior to 90.0.17 **Description** The issue concerns multiple instances of URL parameter injection. **Recommendations** For versions prior to 90.0.17, update to version 90.0.17 or later to resolve the issue.

Cpanel · Cpanel · CVE-2020-29137

**Name of the Vulnerable Software and Affected Versions** cPanel versions prior to 90.0.17 **Description** The issue allows self-XSS via the WHM Transfer Tool interface. **Recommendations** For versions prior to 90.0.17, update to version 90.0.17 or later to resolve the issue.