It was discovered an insecure Upload function in Plesk Branding Logo.By uploading a crafted SVG file as the logo, it is possible to achieve Stored XSS, Redirection, SSRF and XXE. Product: https://www.plesk.com/ Tested Version: Plesk Obsidian 18.0.3 ...
Italiano
English