DirectAdmin Control Panel 1.50.0 Cross Site Scripting Vulnerability

[Sampler]

As reported on an increasing number of sites, 1.5000 seems to be vulnerable to a XSS script attack. What would be the normal resolution time for a fix being available directly from DA ?

link to one of the reporting sites --- > http://0day.today/exploits/25196


Cheers

Sampler

 

[zEitEr]

Hello,

- I think I've found an XSS or CSRF hole in DirectAdmin!
http://help.directadmin.com/item.php?id=619

 

[Active8]

As i understand you just have to login first as admin to execute this XSS script? why would you do this ?
As long as you try to do this on a regular DA box it wont works, am i right ?