Content-Type Header Omission in Parallels Plesk Panel 10.4.4
CVE-2011-4855

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4855?

The Control Panel in Parallels Plesk Panel 10.4.4 is vulnerable due to an omission in the Content-Type header's charset parameter for certain resources. This may allow remote attackers to exploit an interpretation conflict, potentially affecting customers through specific URL pathways, primarily in contexts involving admin and customer services. As this issue may influence client interactions, it necessitates prompt attention and remediation to secure the affected system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/72092

vdb-entryx_refsource_XF

http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4....

x_refsource_MISC

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 15, 2011