Information Disclosure Vulnerability in Parallels Plesk Small Business Panel
CVE-2011-4767

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Small Business Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4767?

The Site Editor feature in Parallels Plesk Small Business Panel version 10.2.0 contains a vulnerability where web pages may expose e-mail addresses not meant for public view. This flaw can potentially allow remote attackers to access sensitive information by leveraging specific scripts, such as js/Wizard/Status.js, that may display unintended data, posing a risk to user privacy and security.

References

http://xss.cx/examples/plesk-reports/plesk-10.2.0-site-ed...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/72218

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 11, 2011