2 matches found
CVE-2020-11584
CVE-2020-11584 describes a GET-based reflected XSS in Plesk Onyx 17.8.11 . The vulnerability allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter. The connected documents confirm the affected product/version and the nature of the flaw, but do not pr...
CVE-2023-43784
CVE-2023-43784 affects Plesk Onyx 17.8.11 where accessKeyId and secretAccessKey fields are tied to an Amazon AWS Firehose component. Red Hat and other sources confirm the issue; the vendor's position is that there is no security threat. Exploitation information is not provided in the connected do...