Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4740


Vulnerability Score 4.3 4.3
CVE Id CVE-2011-4740
Last Modified 16 Feb 2012 11:10:29
Published 16 Dec 2011 06:55:10
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates web pages containing external links in response to GET requests with query strings for smb/app/search-data/catalogId/marketplace and certain other files, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.

Vulnerable Systems


  • Parallels Plesk Panel 10.2.0 Build20110407.20



XF - plesk-links-info-disclosure(72319)

Last Updated: 27 May 2016 10:57:56