CentOS Web Panel cross-site scripting vulnerability
- Date Published:2019-04-04
- Last Updated:2019-04-04
- Version Affected: CentOS Web Panel
- CVE: CVE-2019-10261
CentOS Web Panel (CWP) is a free Web hosting control Panel.
The CentOS Web Panel version 0.9.8.78 has a cross-site scripting vulnerability due to the lack of proper validation of client data in Web applications. An attacker can exploit this vulnerability to execute client code.
Currently, the manufacturer does not provide a repair solution. Please refer to the manufacturer's home page: http://centos-webpanel.com