(SECURITY)

Version 1.56

Bugfix
Finished

There was a report of an exploit, and a CVE was created (not by us) https://nvd.nist.gov/vuln/detail/CVE-2019-9625 https://github.com/ManhNho/CVEs/blob/master/New-Requests/DirectAdmin-CSRF We tested the issue, but were unable to reproduce it, and reported back to Secunia with our results. During testing, other factors were considered and a different issue was found/fixed. So the original report appears to be false, but a new/unrelated/unpublished issue was discovered. Once a short period of testing on this fix has had time to confirm it doesn't break other things, we'll release 1.56.0. CVE-2019-11193 Credit: Bartosz Kwitniewski https://www.hekko.pl/

Interested to try DirectAdmin? Get a 30-day Free Trial!