This update fixes several XSS vulnerabilities that were found in ISPConfig. A valid ISPConfig login is required to exploit the XSS vulnerabilities. The release includes other bugfixes and some minor improvements as well. See changelog link below for details.
The software can be downloaded here:
http://www.ispconfig.org/downloads/ISPConfig-3.1.10.tar.gz
Please take a look at the bug tracker:
https://git.ispconfig.org/ispconfig/ispconfig3/issues
Please report bugs to the ISPConfig bug tracking system:
https://git.ispconfig.org/ispconfig/ispconfig3/issues
– Debian Etch (4.0) – Stretch (9.0) and Debian testing
– Ubuntu 7.10 – 17.10
– OpenSuSE 11 – 13.2
– CentOS 5.2 – 7
– Fedora 9 – 15
The installation instructions for ISPConfig can be found here:
http://www.ispconfig.org/ispconfig-3/documentation/
To update existing ISPConfig 3 installations, run these commands in the shell:
cd /tmp wget http://www.ispconfig.org/downloads/ISPConfig-3.1.10.tar.gz tar xvfz ISPConfig-3.1.10.tar.gz cd ispconfig3_install/install php -q update.php
