Closed jacobgelling closed 10 years ago
Fixed the disclosure vulnerability mentioned in http://bugs.zpanelcp.com/view.php?id=704
I haven't tested if this fixes the XSS vulnerability (I doubt it has) also mentioned in the bug report though.
The added code is the same as in index.php - it stops users that are not logged into ZPanel accessing system information.
Yep :+1:
lottfy
commented
10 years ago lottfy
commented
10 years ago
Fixed the disclosure vulnerability mentioned in http://bugs.zpanelcp.com/view.php?id=704
I haven't tested if this fixes the XSS vulnerability (I doubt it has) also mentioned in the bug report though.
The added code is the same as in index.php - it stops users that are not logged into ZPanel accessing system information.