cPanel 11.15.0-RELEASE_17853 - XSS in /scripts/simpleps



DESCRIPTION


/scripts/simpleps displays the current process list in WHM, and is available only to root. Information displayed about each process includes: pid, process name, file name, current directory, and command line.

If a local user ran a command with a command line set to a javascript string, root's browser could inadvertently issue a request to WHM upon clicking the "Show Current Running Processes" link, assuming they have javascript enabled.



IMPACT


Local users could potentially cause requests to be issued to WHM, by root. This includes changing the root password of the server, and changing the resolvers in /etc/resolv.conf.