Use of cache containing sensitive information in cPanel - #VU98791
Published: October 17, 2024
cPanel
Detailed vulnerability description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to caching a valid username is auto-populating in the Username login field in some cases/circumstances. A remote attacker can trick the victim to login into the application and obtain the username from the login page cache.