Description
Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the "fileName" parameter.
Remediation
References
Related Vulnerabilities
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3250)
CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458)
WordPress Plugin Warranties and Returns for WooCommerce Security Bypass (5.2.1)
WordPress Plugin Delete Duplicate Posts Security Bypass (4.1.9.4)