CVE-2005-2021

Published: Jun 20, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page.

Affected (12)

Products: Cpanel: Cpanel

Cpanel

1 product

Cpanel

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Cpanel Cpanel	Version 5.0
Cpanel Cpanel	Version 5.3
Cpanel Cpanel	Version 6.0
Cpanel Cpanel	Version 6.2
Cpanel Cpanel	Version 6.4.1
Cpanel Cpanel	Version 6.4.2
Cpanel Cpanel	Version 6.4.2_stable_48
Cpanel Cpanel	Version 6.4
Cpanel Cpanel	Version 7.0
Cpanel Cpanel	Version 8.0
Cpanel Cpanel	Version 9.0
Cpanel Cpanel	Version 9.1

References (2)

http://www.securityfocus.com/bid/13996

Source: cve@mitre.org

ExploitVendor Advisory

http://www.securityfocus.com/bid/13996

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.