Vulnerability Key Information Vulnerability Description Name: Cross-Site Scripting (XSS) in CentOS 4.2 i686 - WHM X v3.1.0 Release Date: 2006.12.14 Risk Level: Low Vulnerability Assessment CVSS Base Score: 3.5/10 Risk Factors: - Impact Subscore: 2.9/10 - Confidentiality Impact: None - Integrity Impact: Partial - Availability Impact: None - Exploitability Subscore: 6.8/10 - Access Vector: Remote - Authentication: Single time - Attack Complexity: Medium Vulnerability Details Affected Software: WebHost Manager (WHM) Tested Version: WHM X v3.1.0 Exploitation Method: - Attacker must be authenticated - Example URLs: - - - - Source Information Aria-Security Team More Details: Original Announcement