cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).Referenceshttps://documentation.cpanel.net/display/CL/82+Change+Log
