CVE-2019-20493

cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).