cve/CVE-2011-4739.md at master

0xMarcio/cve

Fork 0

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

892 B

Raw Permalink Blame History

CVE-2011-4739

Description

The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in smb/my-profile and certain other files.

POC

Reference

http://xss.cx/examples/plesk-reports/xss-reflected-cross-site-scripting-cwe79-capec86-plesk-parallels-control-panel-version-20110407.20.html

Github

No PoCs found on GitHub currently.

892 B Raw Permalink Blame History

CVE-2011-4739

Description

POC

Reference

Github

892 B

Raw Permalink Blame History