Forum

JQuery XSS vulnerab...
 
Notifications
Clear all

JQuery XSS vulnerabilities


pargddy
Posts: 1
Topic starter
(@pargddy)
New Member
Joined: 4 weeks ago

Hi

We had recently had pentesting done on servers running the SolidCP v1.4.7 and were made aware of multiple XSS vulnerabilities in the JQuery v2.1.0 been used in SolidCP. Can someone advise if there are any plans to use a newer version of JQuery or if the vulnerability does not affect the control panel?

Thanks

😀

Topic Tags
1 Reply
Marco Tiggelaar
Posts: 1945
Admin
(@m-tiggelaar)
Contributor
Joined: 5 years ago

Helo,

We are aware of some xss vonerabilities that could be used on specific pages of the control panel, which a fix is being worked on.

I will double check the jquery xss vonerability aswell. 

The security patches will be part of SolidCP's next release scheduled before end of April.

Regards,

Marco

Reply
Share:
Downloads