CVE-2025-52206
Cross Site Scripting (XSS) in ISPConfig System Status Page
Publication date: 2026-05-05
Last updated on: 2026-05-05
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ispconfig | ispconfig | 3.3.0 |
| ispconfig | ispconfig | 3.3.0p2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in ISPConfig 3.3.0 is a Cross Site Scripting (XSS) issue that occurs via the system status webpage.
This means that an attacker could inject malicious scripts into the system status page, potentially causing the browser of an administrator or user viewing that page to execute unintended code.
How can this vulnerability impact me? :
This Cross Site Scripting (XSS) vulnerability can allow attackers to execute malicious scripts in the context of the ISPConfig system status webpage.
If an administrator or user views the compromised page, the attacker could potentially steal session cookies, perform actions on behalf of the user, or deliver malware.
Additionally, related security issues in ISPConfig 3.3.0 include an authenticated code injection flaw and exposure of sensitive log files, which could further increase risk if not patched.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the Cross Site Scripting (XSS) vulnerability in ISPConfig 3.3.0, you should update your ISPConfig installation to version 3.3.0p2, which includes security fixes addressing this issue.
You can perform the update using the provided ispconfig_update.sh command or follow the manual update instructions available on the ISPConfig website.
Additionally, ensure that only authorized administrators have access to the system status webpage and monitor for any unusual activity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the Cross Site Scripting (XSS) vulnerability in ISPConfig 3.3.0 impacts compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability in ISPConfig 3.3.0 is a Cross Site Scripting (XSS) issue via the system status webpage, which requires authenticated access. Detection typically involves verifying the version of ISPConfig installed and checking for the presence of the vulnerable system status page.
To detect if your system is vulnerable, first identify the ISPConfig version by running commands such as:
- Check the ISPConfig version via the command line: `ispconfig_update.sh --version` or by inspecting the ISPConfig interface footer or about page.
- Review web server logs for suspicious input or reflected scripts targeting the system status webpage URL.
Since the vulnerability requires authenticated access, scanning for XSS payloads on the system status page manually or via automated tools with valid credentials can help detect exploitation attempts.
It is recommended to update to ISPConfig 3.3.0p2 or later, which fixes this issue.