MEDIUM
ISPConfig
CVE published 2026-05-05
CVE-2025-52206
CVE-2025-52206 is a Cross Site Scripting (XSS) vulnerability in ISPConfig 3.3.0 via the system status webpage. The vulnerability has a CVSS score of 4.7 and a severity of MEDIUM. This vulnerability allows an attacker to inject malicious JavaScript code, potentially leading to unauthorized actions or data exposure. Users of ISPConfig 3.3.0 should be aware of this vulnerability and take steps to mitigate it [truncated]