An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator’s e-mail and password because of the lack of CSRF protection.
This is resolved in v1.8.5, we will publish news as well.
An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator’s e-mail and password because of the lack of CSRF protection.
This is resolved in v1.8.5, we will publish news as well.