Security Advisory – All HostBill versions
We’ve just released security update for HostBill, as a response to potentially dangerous XSS Vulnerability. Severity depends on server configuration. As we take security very seriously we cannot leave our users at risk.
Applying patch
To apply this security patch, please download patch file below and unzip its contents (replacing previous files) in your main HostBill directory (usually /home/hostbill/public_html/)
File: https://clients.hostbillapp.com/patch/security-advisory-ioncube10-2018-10-15.zip
Patch file SHA256 sum: cf5cf8bdad05ef0bf8bd05a75a90d2882f0b5d109315790f8d45af8ef78d2856
This patch is for all HostBill versions and will also be introduced in upcoming HostBill 2018-10-15 release and any release after.
We believe that this vulnerability is not known to the public and its severity depends on admin area protection.