Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665.Referenceshttps://www.blesta.com/2026/01/28/security-advisory/
