cPanel before 84.0.20 allows self XSS via a temporary character-set specification (SEC-515).Referenceshttps://documentation.cpanel.net/display/CL/84+Change+Log
