We are pleased to announce the release of web-cp 0.8.2. This is primarily a security and bug fix release, and we recommend all users upgrade as soon as possible.

Security Fixes

The most important fix in this release addresses an XSS (Cross-Site Scripting) vulnerability in the domain control panel search functionality. This vulnerability could allow an attacker to inject malicious scripts if a domain administrator used a specially crafted search query. Thanks to Sarah Chen for identifying and patching this issue.

Other Changes

• Updated bundled phpMyAdmin to version 5.2.2
• Fixed DNS zone file generation for wildcard records
• Improved input validation on reseller account creation
• Fixed session handling compatibility with PHP 8.3

Upgrade Instructions

If you are running web-cp 0.8.0 or 0.8.1, the upgrade is straightforward:

$ cd /usr/local/webcp
$ sudo ./upgrade.sh 0.8.2
$ sudo /etc/init.d/webcp restart

For users running 0.7.x or older, please consult the upgrade guide before proceeding.

Download the latest version from the download page.