HIGHCVE-2026-32991Published Modified CNA hackerone
CVE-2026-32991: Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account
Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account.
Metrics
- CVSS v3.1
- 7.1
- Severity
- HIGH
- Fixed in
- 11.110.0.118
- Affected Products
- 3
Fix available
11.110.0.11811.110.0.11911.118.0.6711.124.0.3811.126.0.5911.130.0.2311.132.0.3211.134.0.2611.136.0.1011.136.1.12
Affected packages
- WebPros / cPanel< 11.136.0.10 (from 11.136.0.0) · < 11.134.0.26 (from 11.134.0.0) · < 11.132.0.32 (from 11.132.0.0) · < 11.130.0.23 (from 11.130.0.0) · < 11.126.0.59 (from 11.126.0.0) · < 11.124.0.38 (from 11.124.0.0)
- WebPros / WP Squared< 11.136.1.12 (from 11.136.1.0)
- WebPros / cPanel (CloudLinux 6, CentOS 6)< 11.110.0.118 (from 11.110.0.0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:NReferences