CVE-2017-11441
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
19/07/2017
Last modified:
20/04/2025
Description
The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale filename, aka SEC-297.
Impact
Base Score 3.x
5.40
Severity 3.x
MEDIUM
Base Score 2.0
3.50
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:* | 56.0.50 (including) | |
| cpe:2.3:a:cpanel:whm:58.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.11:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.12:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.13:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.17:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.19:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.20:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.23:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cpanel:whm:58.0.24:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page