Denial of Service Vulnerability in Parallels Plesk Panel Version 10.2.0
CVE-2011-4727

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4727?

The Server Administration Panel in Parallels Plesk Panel 10.2.0 does not adequately validate string data intended for XML storage. This lapse allows remote attackers to trigger a denial of service by causing parsing errors through malicious REST URL parameters. The issue is evident in certain administrative endpoints, highlighting a serious risk to the application's stability and potentially enabling other unspecified impacts.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/72332

vdb-entryx_refsource_XF

http://xss.cx/examples/plesk-reports/plesk-redhat-el6-psa...

x_refsource_MISC

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 11, 2011