Information Disclosure in Parallels Plesk Small Business Panel 10.2.0
CVE-2011-4760

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Small Business Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4760?

Parallels Plesk Small Business Panel version 10.2.0 contains a vulnerability that allows remote attackers to access web pages exposing email addresses not meant for public disclosure. This flaw enables unauthorized users to potentially collect sensitive information, thereby increasing the risk of phishing and other malicious activities. Specific pages, such as smb/email-address/list, can reveal this data, making it critical for users to address this risk promptly.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/72212

vdb-entryx_refsource_XF

http://xss.cx/examples/plesk-reports/plesk-10.2.0.html

x_refsource_MISC

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 11, 2011