Content-Type Header Manipulation in Parallels Plesk Panel Affects Server Operations
CVE-2011-4732

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4732?

The Server Administration Panel in Parallels Plesk Panel lacks the charset parameter in the Content-Type header for specific resources. This omission could enable remote attackers to exploit conflicts in interpreting certain files, potentially affecting clients' operations. While the vulnerability centers on the server's handling of headers, the implications can vary, emphasizing the need for careful monitoring and patching of software.

References

http://xss.cx/examples/plesk-reports/plesk-redhat-el6-psa...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/72327

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 11, 2011