The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allows remote malicious users to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
parallels parallels plesk small business panel 10.2.0 |