CentOS Web Panel cross-site scripting vulnerability


CentOS Web Panel (CWP) is a free Web hosting control Panel.

The CentOS Web Panel version has a cross-site scripting vulnerability due to the lack of proper validation of client data in Web applications. An attacker can exploit this vulnerability to execute client code.


Currently, the manufacturer does not provide a repair solution. Please refer to the manufacturer's home page: http://centos-webpanel.com