Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Deletion of Email Forwarding Destinations

Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Deletion of Email Forwarding Destinations

CVE-2019-14722 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete an e-mail forwarding destination from a victim's account via an attacker account.

Learn more about our Cis Benchmark Audit For Centos Linux.