CVE-2017-18459

cPanel before 62.0.17 allows arbitrary code execution during account modification (SEC-220).