CVE-2017-18389

cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).
Source: NIST
CVE-2017-18389