CVE-2011-4764: XSS
First published: Fri Dec 16 2011(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Wizard/Edit/Modules/Image and certain other files.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Parallels Parallels Plesk Small Business Panel | =10.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-4764?
CVE-2011-4764 is classified as a high severity vulnerability due to the potential for remote code execution via cross-site scripting.
How do I fix CVE-2011-4764?
To mitigate CVE-2011-4764, updating the Parallels Plesk Small Business Panel to a version that addresses these XSS vulnerabilities is recommended.
What types of attacks can exploit CVE-2011-4764?
CVE-2011-4764 can be exploited to perform cross-site scripting attacks, allowing the injection of arbitrary web scripts.
Which versions of Parallels Plesk Small Business Panel are affected by CVE-2011-4764?
CVE-2011-4764 specifically affects the Parallels Plesk Small Business Panel version 10.2.0.
Where can I find more information about CVE-2011-4764?
Detailed information on CVE-2011-4764 can be found in various security reports and advisories relevant to the vulnerability.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- agent/source
- vendor/parallels
- canonical/parallels parallels plesk small business panel
- version/parallels parallels plesk small business panel/10.2.0