cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).

cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).

cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).

cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385).

cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383).

cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96).

cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88).

cPanel before 70.0.23 allows stored XSS in via a WHM "Reset a DNS Zone" action (SEC-412).

cPanel before 70.0.23 has Stored XSS via an WHM Edit DNS Zone action (SEC-410).

cPanel before 70.0.23 allows stored XSS via the cpaddons vendor interface (SEC-391).

Zurmo 3.2.7-2 has XSS via the app/index.php/zurmo/default PATH_INFO.

TestLink 1.9.19 has XSS via the error.php message parameter.

cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377).

cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376).

cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375).

cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-374).

cPanel before 70.0.23 allows stored XSS via a WHM Create Account action (SEC-373).

cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372).

cPanel before 70.0.23 allows Stored XSS via a WHM Edit MX Entry (SEC-370).

cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-369).