News Document Title:
====================
Strato GmbH patched multiple DOM XSS Bugs on ACP [FIXED!]


Release Date:
=============
2011-08-25


Laboratory Article:
===================
Last week we discovered multiple medium priority dom cross site scripting issues for the strato gmbh server admin control panel.
10 days later all of the discovered vulnerabilities on the acp module has been fixed by the strato dev/sec team.
The bug was located on the dns-editor of the control panel for game servers & dedicated servers.

2011-08-15:	             Vendor Notification
2011-08-17:	             Vendor Response/Feedback
2011-08-23:	             Vendor Fix/Patch
2011-08-26:	             Public or Non-Public Disclosure
             
Advisory: http://www.vulnerability-lab.com/get_content.php?id=141