WHMCS released new versions for both 8.5.x and 8.6.x to address unspecified security issues.
“All earlier versions of WHMCS are unaffected,” according to the blog post. “The issue was reported privately and there is no evidence to suggest it is known publicly. We will not be releasing any further details about the issue at this time.”
Indeed, WHMCS is generally very secretive about their security issues. A comment on that post notes that WHMCS has not issued a CVE since 2012.
Leave a Reply