Vulnerability Details CVE-2019-13056
An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator's e-mail and password because of the lack of CSRF protection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.1%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2019-13056
-
cpe:2.3:a:cyberpanel:cyberpanel:-
-
cpe:2.3:a:cyberpanel:cyberpanel:1.7.1
-
cpe:2.3:a:cyberpanel:cyberpanel:1.7.2
-
cpe:2.3:a:cyberpanel:cyberpanel:1.7.3
-
cpe:2.3:a:cyberpanel:cyberpanel:1.7.4
-
cpe:2.3:a:cyberpanel:cyberpanel:1.7.5
-
cpe:2.3:a:cyberpanel:cyberpanel:1.7.6
-
cpe:2.3:a:cyberpanel:cyberpanel:1.7.7
-
cpe:2.3:a:cyberpanel:cyberpanel:1.8.1
-
cpe:2.3:a:cyberpanel:cyberpanel:1.8.2
-
cpe:2.3:a:cyberpanel:cyberpanel:1.8.3
-
cpe:2.3:a:cyberpanel:cyberpanel:1.8.4