FOSSBilling

v0.8.1 Security

This release includes 4 security fixes for security teams reviewing exposed deployments.

Published 4d Productivity & Wikis
✓ No known CVEs patched
This release patches 4 known CVEs

Topics

billing bootstrap docker doctrine hosting mariadb mysql payments php self-hosted twig

Affected surfaces

auth rce_ssrf

ReleasePort's take

Light signal
editorial:auto 4d

FOSSBilling 0.8.1 hardens security by sanitizing admin ticket replies, validating downloadable filenames, refreshing OPcache after updates, and securing UpdatePatcher SQL operations.

Why it matters: These fixes address injection, unauthorized file access, stale configuration exposure, and unsafe database queries; severity scores of 70 indicate high‑impact risks that affect support workflows and product integrity.

Summary

AI summary

Updates πŸ› Bug Fixes, πŸ“ˆ Enhancements, and πŸ” Security across a mixed release.

Changes in this release

Security High

Sanitized admin support ticket reply content to prevent potential injection.

Source: llm_adapter@2026-05-30

Confidence: high

Security High

Validated stored filenames for downloadable products to restrict unauthorized file access.

Source: llm_adapter@2026-05-30

Confidence: high

Security High

Refreshed OPcache after preserving the config cache during updates to avoid stale configuration exposure.

Source: llm_adapter@2026-05-30

Confidence: high

Security High

Hardened UpdatePatcher SQL safety to prevent unsafe database operations during updates, with Antispam and Massmailer correctness fixes.

Source: llm_adapter@2026-05-30

Confidence: high

Feature Medium

Added a free subdomain option for hosting products.

Source: llm_adapter@2026-05-30

Confidence: high

Feature Medium

Implemented reCAPTCHA v3 for score‑based bot detection on public forms.

Source: llm_adapter@2026-05-30

Confidence: high

Feature Medium

Clients are now automatically logged in after successful registration.

Source: llm_adapter@2026-05-30

Confidence: high

Feature Medium

Added active menu highlighting in both the Admin and Huraga client themes.

Source: llm_adapter@2026-05-30

Confidence: high

Feature Medium

Introduced an update finalization process that prevents issues during database patches.

Source: llm_adapter@2026-05-30

Confidence: high

Feature Medium

Signup forms now display a separate last name field.

Source: llm_adapter@2026-05-30

Confidence: high

Feature Low

Added pre-configuration proxy detection for forwarded headers before application boot.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Feature Low

Added proxy candidate settings UI and system URL support to improve reverse proxy compatibility.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Feature Low

Admin Massmailer test client selector now uses autocomplete search and displays client email.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Feature Low

Added in-app links to Anti-Spam and License documentation.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Fixed checkout crash caused by type mismatch on support ticket counts.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Fixed license order details crashing when pinged_at was null.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Improved admin dashboard alert layout for better readability.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Fixed installer page dark mode application issue.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Redirected to correct tab after creating product categories and API form submissions.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Stopped displaying service-specific configuration partials for inactive orders.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Restored domain check button after input changes.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Prevented deleting a domain registrar assigned to active TLDs.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Validated and normalized port values across configuration to prevent connection errors.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Applied template, internationalization, and accessibility fixes across modules.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Fixed downloadable file replacement cleanup and streamed download behavior.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Bugfix Low

Fixed UpdatePatcher table handling and Massmailer admin filtering.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Refactor Low

Added stored_filename attribute for downloadable files to enable safer file reference tracking and orphan cleanup.

Source: granite4.1:30b@2026-05-30-audit

Confidence: low

Full changelog

0.8.1 (2026-05-30)

FOSSBilling 0.8.0 included fixes for multiple security vulnerabilities, including higher-impact issues. We are continuing to provide a short upgrade window before publishing the full advisory set.

Alongside 0.8.1, we are publishing a small early batch of low-impact advisories where practical exploitability is limited. The remaining advisories fixed in 0.8.0 are still scheduled for publication after a short upgrade window.

Users should upgrade to 0.8.1 where practical. Installations that have not yet upgraded from older releases should treat 0.8.0 or newer as a priority security baseline.

πŸ” Security

  • Sanitized admin support ticket reply content to prevent potential injection. (#3669)
  • Validated stored filenames for downloadable products to restrict unauthorized file access. (#3676)
  • Refreshed OPcache after preserving the config cache during updates to avoid stale configuration exposure. (#3662)
  • Hardened UpdatePatcher SQL safety to prevent unsafe database operations during updates, along with Antispam and Massmailer correctness fixes. (#3685)

📈 Enhancements

  • Added a free subdomain option for hosting products. (#3667)
  • Implemented reCAPTCHA v3 for score-based bot detection on public forms. (#3655)
  • Clients are now automatically logged in after successful registration. (#3664)
  • Added active menu highlighting in both the Admin and Huraga client themes. (#3654)
  • Introduced an update finalization process that prevents issues during database patches. (#3639)
  • Signup forms now display a separate last name field. (#3653)
  • Added pre-configuration proxy detection so forwarded headers are handled before the application fully boots. (#3663)
  • Added a proxy candidate settings UI and system URL support to improve reverse proxy compatibility. (#3674)
  • The admin Massmailer test client selector now uses autocomplete search and displays the client email. (#3681)

πŸ› Bug Fixes

  • Fixed a checkout crash caused by a type mismatch on support ticket counts. (#3643)
  • Fixed license order details crashing when pinged_at was null. (#3644)
  • Improved the admin dashboard alert layout for better readability. (#3646)
  • Fixed the installer page not applying dark mode correctly. (#3647)
  • Now redirects to the correct tab after creating product categories and after API form submissions. (#3648, #3649)
  • Stopped displaying service-specific configuration partials for inactive orders. (#3650)
  • Restored the domain check button when domain input changes after an initial check. (#3645)
  • Prevented deleting a domain registrar that is assigned to active TLDs. (#3660)
  • Port values are now validated and normalized across the configuration to prevent connection errors. (#3659)
  • Applied template correctness, internationalization, and accessibility fixes across multiple modules. (#3661)
  • Fixed downloadable file replacement cleanup so orphaned stored files are properly removed, and corrected streamed download behavior. (#3678)
  • Fixed UpdatePatcher table handling and Massmailer admin filtering. (#3686)

πŸ“ Changes

  • Added a stored_filename attribute for downloadable files to enable safer file reference tracking and orphan cleanup. (#3670)
  • Improved license validation form accessibility and consistency. (#3673)
  • Added in-app links to Anti-Spam and License documentation. (#3657, #3668)

Security Fixes

  • Sanitized admin support ticket reply content to prevent potential injection (#3669)
  • Validated stored filenames for downloadable products to restrict unauthorized file access (#3676)
  • Refreshed OPcache after preserving the config cache during updates to avoid stale configuration exposure (#3662)
  • Hardened UpdatePatcher SQL safety and fixed Antispam/Massmailer correctness issues (#3685)

About FOSSBilling

Hosting and billing automation. Integrates with WHM, CWP, cPanel and HestiaCP. Full API and easily extensible.

Earlier breaking changes

  • v0.8.0 Paidsupport and Servicemembership have been removed.
  • v0.8.0 The public guest system version endpoint has been removed.
  • v0.8.0 FOSSBilling now requires PHP 8.3 or newer.