CVE-2007-0890

Name of the Vulnerable Software and Affected Versions: cPanel WebHost Manager (WHM) versions 11.0.0 and earlier

Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the password parameter in scripts/passwdmysql.

Recommendations: For versions 11.0.0 and earlier, update to a version later than 11.0.0 to resolve the issue. As a temporary workaround, consider restricting access to the scripts/passwdmysql script to minimize the risk of exploitation. Avoid using the password parameter in the affected script until the issue is resolved.