Fixed Issues 2024.0.1
- Last Updated: January 7, 2026
- 1 minute read
- WS_FTP Server
- Version 2024
- Documentation
The following issues were fixed in WS_FTP Server 2024.0.1 (9.0.1).
|
ID |
Category |
Fixed Issue |
|---|---|---|
|
5937 |
Documentation |
The %Dir variable description was updated in the documentation. For more information, see Using notification variables. |
|
6300 |
Security, Permissions |
Users can specify multiple file masks within a single field when setting folder permissions. |
|
12394 |
Security |
Common HTTP security headers were added to the HTTP response headers. |
|
15086 |
Security |
The AngularJS version was updated to address potential vulnerabilities. |
|
20724 |
FTP, SSH |
Directory listing speeds were improved for folders with more than 30k folders/files. |
|
20747 |
Security |
Errors in Web Console are correctly handled. |
|
22006 |
Security |
All log on pages include anti-Cross-Site Request Forgery (CSRF) tokens. |
|
22007 |
Security |
Ad Hoc Transfer prevents unauthenticated requests and returns the correct error. |
|
22572 |
Security, AHT, WTM |
Content-Security-Policies are configured for Ad-Hoc and Thin Client. |
|
22959 |
Web Admin |
Duplicate validation errors are no longer shown when a folder with unsupported characters is created. |
|
25208 |
SSH, Web Admin |
WS_FTP Server supports UTF-8. |
|
25295 |
AHT, WTM |
Case-specific URLs are not required for Ad Hoc Transfer or Web Transfer Module. |
|
25300 |
Utilities |
SSH certificates migrate successfully from PostgreSQL to MSSQL when there is a case difference in the name. |
|
25440 |
Security, Web Admin |
After multiple failed Admin Console log on attempts, the admin account is locked out or disabled as per the Failed Login Rule policy. |
|
25500 |
Security |
IIS unlisted file extensions are not allowed. |
|
25540 |
Security |
IIS/ASP versions are not disclosed in headers. |
|
25680 |
SSH, AHT, WTM, Web Admin |
Usernames with UTF-8 characters are supported to log on to Ad Hoc Transfer, Web Transfer Module, and SFTP. |
|
25683, 26103 |
Security |
The PostgreSQL version was updated to address potential vulnerabilities. For more information, see CVE-2024-10979 and CVE-2025-1094. |
|
25703 |
SSH |
Large file transfers with specific SSH algorithms combinations. |
|
25757 |
WTM |
Directories with large numbers of files (100 000+) can be viewed via the Web Transfer Module. |
|
25758 |
SSH |
Crashes are no longer caused by missing synchronization in the SSH packet receive function. |
|
25835 |
AHT, WTM |
Headers do not cause conflicts when upgrading. |
|
25882 |
Security |
PrototypeJS was updated to prevent a potential vulnerability. |
|
25885 |
Utilities |
The restore_backup.bat command successfully restores the database. |
|
25889 |
Web Admin |
Cross-site upload requests are blocked to prevent CSRF. |
|
25890 |
Security, AHT, WTM, Web Admin |
Cache control HTTP headers were updated to prevent caching of sensitive data. |
|
25891 |
Security, Web Admin |
Client-side HTTP parameter pollution is prevented. |
|
25987 |
Utilities |
Exception logging in ftpsrvdata_pg.dll is improved. |
|
26035 |
Web Admin |
The WS_FTP Server Manager Start menu link points to the site name instead of localhost, avoiding misleading certificate errors in the browser. |
|
21995 |
Security |
Reflected Cross-Site Scripting (XSS) vulnerabilities have been eliminated. |