i-Panel Administration System is a multifunctional website management system. Customers can easily manage websites through this system, such as managing email accounts, file management, subdomain management, directory password protection, custom error pages, IP refusal to browse, and change Password and other functions. Version 2.0 of the application was found to be vulnerable to Reflected XSS.
The XSS could facilitate attackers in executing malicious JavaScript on victim machines such as stealing cookies or redirecting users.
https://web20.myhost.com.hk/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22XSSVulnerable%22)%3E