Vulnerabilities > Plesk > Obsidian > 18.0.17
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-22 | CVE-2023-24044 | Open Redirect vulnerability in Plesk Obsidian 18.0.17 A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header. | 6.1 |
2021-09-10 | CVE-2021-35976 | Cross-site Scripting vulnerability in Plesk Obsidian 18.0.17 The feature to preview a website in Plesk Obsidian 18.0.0 through 18.0.32 on Linux is vulnerable to reflected XSS via the /plesk-site-preview/ PATH, aka PFSI-62467. | 4.3 |
2020-08-03 | CVE-2020-11583 | Cross-site Scripting vulnerability in Plesk Obsidian 18.0.17 A GET-based XSS reflected vulnerability in Plesk Obsidian 18.0.17 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter. | 6.1 |