CVE-2017-18433

cPanel before 64.0.21 allows code execution by webmail and demo accounts via a store_filter API call (SEC-236).
Source: NIST
CVE-2017-18433