Articles in this section

What does Imunify notifications do in Plesk?
PHP settings do not apply on a domain when CageFS is enabled in CloudLinux
[CVE-2025-66431] Security vulnerability in domain creation mechanism allows Plesk users to execute arbitrary code on behalf of root
Generating CSR certificate under AlmaLinux 9 and AlmaLinux 10 does not save the Country, City and other fields from SSL certificate settings section
Plesk update fails: bind9 package is half-configured
Wrong $_SERVER['HTTP_HOST'] and $_SERVER['SERVER_NAME'] using Default Site in IP Addresses
Plesk / system update fails after dist-upgrade from Debian 11 to Debian 12: Depends: libodbc2 (>= 2.3.1) but it is not going to be installed
Accessing Apache & nginx settings in Plesk 18.0.72.0 returns error 500: Return value must be of type bool, null returned
Vulnerability CVE-2025-54336
Unable to open mail server configuration for a domain in Plesk UI: The label can only be a string
See more

Vulnerability CVE-2020-27511

Luca Krebs

Updated December 07, 2023 17:58

kb: technical

Situation

Vulnerability CVE-2020-27511 affecting Prototype JavaScript framework has been discovered.

Impact

Plesk uses a custom function instead of the function vulnerable to CVE-2020-27511. Therefore, Plesk is not affected by this vulnerability.

Call to action

To ensure the security and optimal performance of your system, it is recommended to update Plesk to the latest version.

Comments

0 comments

Please sign in to leave a comment.