Sicherheitspatch für ISPConfig veröffentlicht

Dieses Thema im Forum "Allgemein" wurde erstellt von Till, 17. Apr. 2015.

  1. Till

    Till Administrator

    A XSS vulnerability has been found in the ISPConfig 3 module changer script.
    The vulnerability requires a valid user login to ISPConfig, unauthenticated
    users are not affected.

    Vulnerable versions:

    All recent ISPConfig 3 releases.


    A patch for ISPConfig is available trough the ISPConfig patch tool.

    Patch Installation:

    Run the command:


    as root user on the shell and enter:


    as patch code. The patch tool will download the patch from and apply it.


    We thank Alain for informing us about this issue.
  2. F4RR3LL

    F4RR3LL Member


Diese Seite empfehlen