Security Advisory

CVE-2021-35976

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-10 11:08:18

Last updated 2024-08-04 00:47:43

Assigner mitre

State PUBLISHED

Description

The feature to preview a website in Plesk Obsidian 18.0.0 through 18.0.32 on Linux is vulnerable to reflected XSS via the /plesk-site-preview/ PATH, aka PFSI-62467. The attacker could execute JavaScript code in the victims browser by using the link to preview sites hosted on the server. Authentication is not required to exploit the vulnerability.

← Browse all CVEs View on cve.org ↗