漏洞标题
N/A
漏洞描述信息
" Parallels Plesk Small Business Panel 10.2.0中的Site Editor(aka SiteBuilder)功能包含用于本地应用程序部署的未授权的电子邮件地址,这允许远程攻击者通过阅读页面来获得潜在的敏感信息,如js/Wizard/Status.js和某些其他文件所示。。"
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by js/Wizard/Status.js and certain other files.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Parallels Plesk Small Business Panel 信息泄露漏洞
漏洞描述信息
Parallels Plesk Small Business Panel 10.2.0版本中的Site Editor (也称为SiteBuilder)功能中存在漏洞,此功能包含邮件地址的web页面,该邮件的目的不是了解本地应用程序部署。远程攻击者可通过读取页面获取敏感信息,该漏洞已在js/Wizard/Status.js和某些其他文件中被证实。
CVSS信息
N/A
漏洞类别
信息泄露