Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 22/01/2023 Updated: 11/04/2024

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 0

A Host Header Injection issue on the Login page of Plesk Obsidian up to and including 18.0.49 allows malicious users to redirect users to malicious websites via a Host request header. NOTE: the vendor's position is "the ability to use arbitrary domain names to access the panel is an intended feature."

Vulnerable Product	Search on Vulmon	Subscribe to Product
plesk obsidian

CWE-601 https://gist.github.com/TJetnipat/02b3854543b7ec95d54a8de811f2e8ae https://support.plesk.com/hc/en-us/articles/10254625170322-Vulnerability-CVE-2023-24044 https://medium.com/%40jetnipat.tho/cve-2023-24044-10e48ab940d8 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-24044

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect