CentOS Web Panel cross-site scripting vulnerability

Summary

CentOS Web Panel (CWP) is a free Web hosting control Panel.

The CentOS Web Panel version 0.9.8.78 has a cross-site scripting vulnerability due to the lack of proper validation of client data in Web applications. An attacker can exploit this vulnerability to execute client code.


Solution

Currently, the manufacturer does not provide a repair solution. Please refer to the manufacturer's home page: http://centos-webpanel.com