First published: Fri Dec 16 2011(Updated: )
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms on certain pages under admin/index.php/default.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Parallels Parallels Plesk Panel | =10.3.1_build1013110726.09 | |
Redhat Enterprise Linux | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.