Cyber Security Center of the National Bank of Ukraine
Main Banks Non-banking financial sector Cyber fraud

CVE-2020-11583

A GET-based XSS reflected vulnerability in Plesk Obsidian 18.0.17 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter.

Score

4.3

Source

http://nvd.nist.gov

Access-complexity

MEDIUM

Access-vector

NETWORK