The latest version of cPanel & WHM is 11.34, which is vulnerable to multiple cross site scripting vulnerabilities. Cpanel is a Unix based fully featured popular web based hosting account control panel that helps webmasters to manage their domains through a web browser. The vulnerability affects the logged in users of the official cPanel demo. CPanel Demo located at https://cpanel.net/demo/ location, can be accessed via demo user & password provided by cPanel website itself i.e. https://demo.net:2086/login/?user=demo&pass=Demo.
Source: https://thehackernews.com/2012/12/cpanel-and-whm-multiple-cross-site.html