CVE-2011-4762

Name of the Vulnerable Software and Affected Versions Parallels Plesk Small Business Panel version 10.2.0

Description The issue involves Parallels Plesk Small Business Panel sending incorrect Content-Type headers for certain resources. This might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving the /smb/app/top-categories-data/ endpoint and certain other files. It is possible that only clients, not the SmarterStats product, could be affected by this issue.

Recommendations For Parallels Plesk Small Business Panel version 10.2.0, consider restricting access to the /smb/app/top-categories-data/ endpoint until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.