CVE-2011-4766
Parallels Plesk Small Business Panel 10.2.0 - ASP Source Code Exposure via Site Editor Direct Request
Title source: llmDescription
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment
References (1)
Core 1
Core References
Various Sources x_refsource_misc
http://xss.cx/examples/plesk-reports/plesk-10.2.0-site-editor.html
Scores
EPSS
0.0117
EPSS Percentile
63.7%
Details
CWE
CWE-200
Status
published
Products (1)
parallels/parallels_plesk_small_business_panel
10.2.0
Published
Dec 16, 2011
Tracked Since
Feb 18, 2026