Cross-Site Scripting Vulnerabilities in Parallels Plesk Panel by Parallels
CVE-2011-4735

Currently unrated

Key Information:

Vendor

Parallels

Vendor
CVE Published:
16 December 2011

What is CVE-2011-4735?

The Parallels Plesk Panel 10.2.0 build 20110407.20 is impacted by multiple cross-site scripting (XSS) vulnerabilities. These flaws permit remote attackers to inject and execute arbitrary web scripts or HTML through specially crafted inputs submitted to various PHP scripts, including functions associated with user creation. This exploitation could lead to unauthorized actions performed on behalf of users, potentially compromising sensitive information and application integrity.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.