PT-2019-12308 · Centos · Centos Web Panel
Dkm
·
Published
2019-05-13
·
Updated
2023-01-24
·
CVE-2019-11429
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
CentOS Web Panel versions 0.9.8.753 through 0.9.8.807, 0.9.8.793
Description
The issue concerns a Reflected XSS vulnerability related to the "Domain" field on the "DNS Functions > Add DNS Zone" screen.
Recommendations
For versions 0.9.8.753 through 0.9.8.807, and 0.9.8.793, consider restricting access to the "Add DNS Zone" screen until a fix is available.
As a temporary workaround, avoid using the "Domain" field in the "Add DNS Zone" screen to minimize the risk of exploitation.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Centos Web Panel