CVE-2023-46818 Information

Description

An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.

Reference

https://www.ispconfig.org/blog/ispconfig-3-2-11p1-released/