Dear Blesta Users!

A security issue affecting Blesta versions 4.0.0 through 5.11.3 has been identified!
There is no evidence to suggest that this vulnerability is publicly known, but you should take action to patch your installation.
To determine the version of Blesta you are running, login to the admin area of your installation. The version is shown in the footer.
 

You can find the Patch as well as a Full-Release (5.11.4) in the Blesta.Store Download area (Requires Login).

• Recommended: Upgrade to 5.11.4 Full. (Works on all Blesta Versions 4.X or above).
• Alternative: If you are running version 5.11.x, apply the 5.11.4 patch.
• Alternative: If you are running version 5.10.x, apply the 5.10.4 patch.

Only versions 5.10.4, and 5.11.4 are not impacted by these vulnerabilities. 
If you are unable to upgrade for technical reasons: open a ticket from your account and include your license key, the version of Blesta you are running, and the reason you are unable to upgrade.

Upgrade Documentation

We take security vulnerabilities seriously and we always publicly disclose issues that impact the security of Blesta installations. Thank you for taking security seriously and patching your installation.

Kind Regards

The Blesta.com and Blesta.Store Team!