Launchpad.net

CVE 2016-10767

cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).

See the CVE page on Mitre.org for more details.

References