CVE-2011-4732

Name of the Vulnerable Software and Affected Versions Parallels Plesk Panel version 10.2.0 build1011110331.18

Description The issue is related to the Server Administration Panel in Parallels Plesk Panel, where the Content-Type header's charset parameter is omitted for certain resources. This could potentially allow remote attackers to have an unspecified impact by exploiting an interpretation conflict involving files such as account/power-mode-logout and certain other files. It is noted that the impact might be on clients rather than the Plesk product itself.

Recommendations For Parallels Plesk Panel version 10.2.0 build1011110331.18, consider restricting access to the affected resources until a proper fix is available. As a temporary workaround, ensure that clients properly handle the charset parameter omission to minimize potential risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.