E-mail issue after upgrade to 10.2

[intraweb-online]

The control panel was working correctly before upgrading..
Now, if a customer clicks on an e-mailaddress in the control panel, to change settings, he ends up with this error:


PHP Notice: Undefined index: 265
Line: 264
File: /usr/local/psa/admin/smb/application/library/Smb/Form/Final/EmailAddress.php
Stack Trace:
#0 Smb_Exception_Syntax::handleError(8, Undefined index: 265,
<cut>

Thank you for your advice.
System = CentOS 5.5

 

[LiviuP]

this EMAIL ISSUE HAS AN ADMIN PASSWORD LEAK - Client can have the admin password

When click on email address to change password for example we have this error as output:

- -
PHP Notice: Undefined index: 220
Line: 264
File: /usr/local/psa/admin/smb/application/library/Smb/Form/Final/EmailAddress.php
Stack Trace:
#0 Smb_Exception_Syntax::handleError(8, Undefined index
- -
on the next lines it displays admin password in clear text!.. any client who wants to to change a password from CP can have the admin password

Please investigate and fix ASAP. There are probably many other upgraded plesk servers vulnerable for their clients.

 

[intraweb-online]

Thank you for your feedback
Can someone please raise this with the highest priority to Plesk Developpers ? !!

 

[IgorG]

Could you please fill this form with all necessary details http://forum.parallels.com/showthread.php?t=106113 ?
I will forward it to developers for investigation.