New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Hostbill XSS Vulnerability - Patch Now
Received an email from HostingSecList about an XSS vulnerability present in the HostBill application.
"We’ve just released security update for HostBill, as a response to potentially dangerous XSS Vulnerability. Severity depends on server configuration. As we take security very seriously we cannot leave our users at risk."
Patch link: http://blog.hostbillapp.com/2018/10/15/security-advisory-all-hostbill-versions/
Thanks!
Thanked by 1coreflux
Comments
Make sure to deploy a CSP header to prevent further issues.
CSP is the last line of defense on the browser side.