Xymon Mailing List Archive

Xymon 4.3.1 released (security fixes)

From: Henrik Størner
Date: Sun, 03 Apr 2011 12:41:14 +0200
Message-Id: <user-db064efaa833@xymon.invalid>

Hi,

I have released Xymon version 4.3.1. It is available from Sourceforge at http://sourceforge.net/projects/xymon/ now.

The main reason for a release now following the 4.3.0 release just a month ago is to fix a security issue that was reported to me two days ago.

David Ferrest reported that the Xymon web interface was vulnerable to "cross-site scripting" attacks. After the initial report, I have gone through the web UI code and fixed several identical vulnerabilities leading to this release.


For those unfamiliar with cross-site scripting, here is the Wikipedia description:

"Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites were roughly 80% of all security vulnerabilities documented by Symantec as of 2007. Their impact may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site, and the nature of any security mitigations implemented by the site's owner."

(From http://en.wikipedia.org/wiki/Cross-site_scripting )


Regards,
Henrik
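For readers who want to see the bug class the announcement describes in concrete form, here is an added example that is not part of the original message and is not Xymon's code or the fix shipped in 4.3.1. It is a generic CGI-style handler in C: `render_unsafe` copies a request parameter straight into the HTML it emits, so a parameter value containing markup is reflected to other users' browsers as script; `render_safe` runs the value through a hypothetical `html_escape` helper first, so the same input is rendered as inert text. The parameter name, the page template and the attacker input are all constructed for the demonstration.

```c
/* Added example: reflected XSS in a CGI handler, vulnerable form beside
 * the hardened form. Generic illustration only; not Xymon code. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable: the query parameter goes into the HTML body verbatim, so
 * any '<', '>' or quote characters in it are interpreted as markup. */
static void render_unsafe(const char *param, char *out, size_t outlen)
{
    snprintf(out, outlen, "<p>Host: %s</p>", param);
}

/* Hypothetical helper: escape the five characters that can switch the
 * browser out of text context (element body or quoted attribute).
 * Returns the number of bytes written (excluding the NUL), or -1 if
 * the output buffer is too small; the caller must then refuse to render. */
static int html_escape(const char *in, char *out, size_t outlen)
{
    size_t pos = 0;
    for (const char *p = in; *p; p++) {
        const char *rep;
        char one[2] = { *p, 0 };
        switch (*p) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:   rep = one;      break;
        }
        size_t n = strlen(rep);
        if (pos + n + 1 > outlen) return -1;   /* leave room for the NUL */
        memcpy(out + pos, rep, n);
        pos += n;
    }
    out[pos] = '\0';
    return (int)pos;
}

/* Hardened: escape before interpolating. Returns bytes written or -1. */
static int render_safe(const char *param, char *out, size_t outlen)
{
    char esc[512];
    if (html_escape(param, esc, sizeof esc) < 0) return -1;
    return snprintf(out, outlen, "<p>Host: %s</p>", esc);
}

/* Crude check used by the demo: does the rendered page still contain an
 * unescaped script tag that a browser would execute? */
static int contains_raw_tag(const char *html)
{
    return strstr(html, "<script") != NULL;
}

int main(void)
{
    /* Constructed attacker value for a hostname-style parameter. */
    const char *payload = "www.example.com<script>alert(1)</script>";
    char page[1024];

    render_unsafe(payload, page, sizeof page);
    printf("unsafe: %s\n", page);      /* script tag reaches the browser */

    if (render_safe(payload, page, sizeof page) < 0) {
        fputs("value too long to render\n", stderr);
        return EXIT_FAILURE;
    }
    printf("safe:   %s\n", page);      /* tag rendered as literal text */
    return EXIT_SUCCESS;
}
```

The escaping is the whole fix: nothing about the input is validated or rejected, it is simply emitted in a form the browser cannot mistake for markup. Note that this escaping is correct only for text nodes and quoted attribute values; a value placed inside a `<script>` block, a URL or a CSS property needs a different encoder for that context.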