CVE-2011-4849
Parallels Plesk Panel 10.4.4_build20111103.18 - Exposure of Sensitive Information via Insecure Cookie Transmission
Title source: llmDescription
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, as demonstrated by cookies used by help.php and certain other files.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72224
Scores
EPSS
0.0105
EPSS Percentile
60.4%
Details
CWE
CWE-200
Status
published
Products (1)
parallels/parallels_plesk_panel
10.4.4_build20111103.18
Published
Dec 16, 2011
Tracked Since
Feb 18, 2026