Missing variable check in module changer script.
A XSS vulnerability has been found in the ISPConfig 3 module changer script.
The vulnerability requires a valid user login to ISPConfig, unauthenticated users are not affected.
http://www.ispconfig.org/blog/1/entry-145-security-patch-for-ispconfig-3054p5-released/