A HelioHost user noticed, and reported to us that there was a minor SFTP vulnerability on our Plesk servers. We have confirmed the report, and have taken action to prevent it in the future.
The main account's SFTP access was correctly chrooted to the home directory so when you connect to SFTP the only directories and files you can see are your own and you can't see the rest of the server. However, if you created an additional SFTP subaccount it was not correctly chrooted which would allow l