CPanel: Script Insertion and Cross-Site Scripting Vulnerability

Even though secunia rated this as a “less critical” vulnerability, this error is not fixed in the public builds. Successful exploitation requires that the “XSRF protection” within the WHM’s Tweak Settings under the Security section is disabled.