Stored XSS issue in email name field
There is a stored XSS problem in the email name field in ISPConfig 3 which allows an attacker to inject JS code into the database that gets displayed unfiltered in the ISPConfig dashboard of the client himself, the reseller that this client belongs to and the admin.
Thank you very much to Fábián Patrik for reporting this issue.
To upload designs, you'll need to enable LFS. More information