CVE-2019-14723

Name of the Vulnerable Software and Affected Versions CentOS Web Panel version 0.9.8.851

Description The issue allows an attacker to delete a victim's e-mail account via an attacker account due to an insecure object reference. This is caused by insufficient input validation, which can be exploited by a remote attacker to delete a user's email account.

Recommendations For version 0.9.8.851, consider restricting access to email account management features until a patch is available. As a temporary workaround, monitor email account activity closely to detect and respond to potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.