CVE-2019-14730

Name of the Vulnerable Software and Affected Versions CentOS Web Panel version 0.9.8.851

Description The issue exists due to insufficient input validation in the application, allowing a remote attacker to delete a domain from a user's account. This can be achieved by an attacker using their own account to exploit the insecure object reference.

Recommendations For version 0.9.8.851, consider restricting access to domain management features until a patch is available. As a temporary workaround, monitor user accounts for unauthorized domain removals and restrict access to the vulnerable delete domain function to minimize the risk of exploitation.