CVE-2019-20490 (v3: 8.8)
17 Mar 2020
cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499).