CVE-2018-20885
5.3MEDIUMcPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416).
Published: 8/1/2019Updated: 11/21/2024
Description
cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416).
AI AnalysisPowered by AI
Affected Products
cpanelcpanel
References
- https://documentation.cpanel.net/display/CL/74+Change+LogProductRelease Notes
- https://documentation.cpanel.net/display/CL/74+Change+LogProductRelease Notes