Product: Plesk control panel
Version: <= 8.0.0
Vendor: SWSoft Inc.
VULNERABILITY CLASS: XSS
Plesk is comprehensive server management software developed specifically for the Hosting Service Industry with the assistance of Web hosting professionals.
An attacker can exploit it by compromising the values of the parameter
"file" in filemanager.php.
This can be used to take advantage of the trust between a client and server
the client's machine when client is logged into control panel.