easyhostmedia
Well-known member
Just got this email from Resellerclub
Dear Reseller,
We are writing to advise you of a potential security vulnerability when htaccess directives are not enforced appropriately for WHMCS. This most commonly occurs in web server environments such as nginx.
Affected Version
WHMCS 6.0 and later
How to tell if you're affected
If the following file is readable from a web browser, then you need to investigate and apply appropriate configurations for your web server environment.
https://www.example.com/path/to/whmcs/vendor/composer/LICENSE
A verification tool has also been made available to assist in determining if your web server environment is affected. This tool can be downloaded here.
How to fix the vulnerability
Please follow the instructions provided in the detailed security advisory: https://docs.whmcs.com/Security_Advisory_2020-01-28
In case you have any queries regarding this email, you can open a support ticket open a support ticket for assistance.
Regards,
Team ResellerClub