[ixpmanager-announce] [RELEASE] V5.7.0 - Security Fix, Small Bug Fixes and Minor Improvements / Features

Barry O'Donovan barry.odonovan at inex.ie
Thu Aug 20 15:09:08 IST 2020

We are pleased to announce the immediate availability of IXP Manager 

This release primarily fixes a XSS security issue in IXP Manager. It 
also has a small number of bug fixes and improvements. All IX's running 
< v5.7.0 are advised to upgrade. This release has a minor version bump 
as there are two small database schema changes.

Full details are:


**Security Fix**

This release includes a fix for a XSS security bug in the looking glass 
feature. The bug allows a potential attacker to provide an IXP Manager 
user or administrator a crafted URL which would result in the execution 
of supplied JavaScript within the user's browser.

Credit to Bart Vrancken (AbuseIO CERT) for responsibly disclosing this 

  - Barry


Kind regards,
Barry O'Donovan

More information about the ixpmanager-announce mailing list