CentOS 8.x Control Web panel jQuery Version Upgrade Guide
From Notes_Wiki
Home > CentOS > CentOS 8.x > Email servers > Control Web panel > CentOS 8.x Control Web panel jQuery Version Upgrade Guide
This document explains how to upgrade the jQuery version in Control Web Panel (CWP) to mitigate known vulnerabilities, especially in:
- Roundcube Webmail
- CWP UI (Login Panel)
Upgrade jQuery in Webmail (/program/js/)
- This path is used by Roundcube, the webmail component in CWP.
Step 1: Backup the existing jQuery file
cd /usr/local/cwpsrv/var/services/roundcube/program/js/ cp jquery.min.js jquery.min.js.bak
Step 2: Download and replace with the latest jQuery
wget https://code.jquery.com/jquery-3.7.1.min.js -O jquery.min.js
- This replaces the older, vulnerable 3.4.1 version with 3.7.1.
Upgrade jQuery in CWP UI (/login/cwp_theme/original/js/)
- This path affects the CWP login and user interface.
Step 1: Backup the existing jQuery file
cd /usr/local/cwpsrv/var/services/users/login/cwp_theme/original/js/ cp jquery-3.1.1.min.js jquery-3.1.1.min.js.bak
Step 2: Download and replace with the latest jQuery
wget https://code.jquery.com/jquery-3.7.1.min.js -O jquery-3.1.1.min.js
- This replaces the older 3.1.1 version with the more secure 3.7.1.
Restart CWP Services (if needed)
- After updating jQuery files, restart the relevant services to apply the changes:
systemctl restart cwpsrv systemctl restart cwp-phpfpm
Rescan the Server for Vulnerabilities
- Once the upgrade is complete, perform a security scan using your preferred tool to verify that the jQuery vulnerability has been resolved.
Notes
- Always test the interface after replacing jQuery, as CWP and Roundcube may depend on specific versions.
- Keep backups safe in case any UI components break due to incompatibility.
Home > CentOS > CentOS 8.x > Email servers > Control Web panel > CentOS 8.x Control Web panel jQuery Version Upgrade Guide
