Multiple cross-site scripting (XSS) vulnerabilities in the billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 allow remote malicious users to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/index.php/default and certain other files.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
parallels parallels_plesk_panel 10.3.1_build1013110726.09 |
Vulmon