Loading
cPanel before 90.0.17 allows self-XSS via the WHM Transfer Tool interface (SEC-577).
Use CWE-79, Cpanel vendor hub and Cpanel product page to widen CVE-2020-29137 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-41940, CVE-2025-66429 and CVE-2021-38589 for nearby disclosures in the same product family.