Security Bulletin 2019-001

Originally published at:

CVE-2019-13026: With a specially crafted URL, an attacker would be able to gain full access to the administration panel.

This one is really important if you use #oxid6. Please update immediately and/or use the workaround provided at

There are already several rank growth blog posts and press releases about this vulnerability around in the hacker and security scene. Please secure your #oxid6 ASAP!

Comments to this thread shall be possible for registered forum members, pls feel free to ask your questions. If unexpectedly impossible, send me a PM, cheers!