If you believe that you have have discovered a vulnerability in Hestia Control Panel, please let our development team know via email at info@hestiacp.com.
We ask that you please include a detailed description of the vulnerability, a list of services involved (e.g. exim, dovecot) and the versions which you've tested, full steps to reproduce the vulnerability, and include your findings and expected results.