Recompile vpopmail, upgrade to qmailadmin 1.2.4 or later, and it will take care of the XSS vulnerability.
I take that back. All of the releases from 1.2.4 on have known bugs that were fixed in later versions. Of course, those later versions also have new features (some that required significant changes to the code base) that haven't been fully tested.
I will do my best to release 1.2.7 within the next few days. If possible, I'll move two of the more significant changes into 1.2.8 so 1.2.7 can be made "stable" as soon as possible.
-- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
