نقل قول نوشته اصلی توسط nimafire نمایش پست ها
سریعا بروز رسانی فرمایید


Product DescriptionWHMCS is an all-in-one client management, billing & support solution for online businesses. Handling everything from signup to termination, WHMCS is a powerful business automation tool that puts you firmly in control.
Vulnerability DescriptionDue to a CSRF vulnerability within the "Application Links" feature in the admin panel of WHMCS, it is possible for a malicious user to make unauthorized changes. For example, it would be possible to change the WHMCS Single Sign-On links within cPanel to display any text they wanted which could cause alarm for unsuspecting hosting users.
ImpactWe have deemed this vulnerability to be rated as MEDIUM due to the fact that while no sensitive information can be obtained, the "scare factor" for hosting users is rather high should they log into cPanel and see the WHMCS links all displaying a malicious message.
Vulnerable VersionThis vulnerability was tested against WHMCS 6.2.0.
 Fixed VersionThis vulnerability was patched in WHMCS 6.2.1.
ممنون
ولی خوب مگه 6.2.1 دیروز منتشر نشد و آپدیت کردیم. در متن اشاره شده در 6.2.1 رفع شده.
یا منظور شما چیز دیگری یا نسخه دیگری بود که من متوجه نشدم؟