2019-08-01 14:44:17
mitre
PUBLISHED
In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368).