CVE-2018-20922 (cpanel)

cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376).
Source: NIST
CVE-2018-20922 (cpanel)