JQuery XSS vulnerabilities
We had recently had pentesting done on servers running the SolidCP v1.4.7 and were made aware of multiple XSS vulnerabilities in the JQuery v2.1.0 been used in SolidCP. Can someone advise if there are any plans to use a newer version of JQuery or if the vulnerability does not affect the control panel?
We are aware of some xss vonerabilities that could be used on specific pages of the control panel, which a fix is being worked on.
I will double check the jquery xss vonerability aswell.
The security patches will be part of SolidCP's next release scheduled before end of April.