Invent

**Name of the Vulnerable Software and Affected Versions** SWsoft Plesk versions 8.0 and earlier **Description** A cross-site scripting (XSS) issue exists, allowing remote authenticated users to inject arbitrary web script or HTML. This is achieved via the `file` parameter in the filemanager/filemanager.php script within the control panel. **Recommendations** For SWsoft Plesk versions 8.0 and earlier, update to a version later than 8.0 to resolve the issue.