• We value your experience with Plesk during 2025
    Plesk strives to perform even better in 2026. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2025.
    Please take this short survey:
    https://survey.webpros.com/

Security Vulnerability?

B

billguy

Guest
If I grant my domain users access to site builder, why is the administrative password found in the url of the page source?

E.g.
Admin grants access to regular user jblow to use site builder for his domain.
Jblow logs into his control panel
Jblow sees the new site builder button
Jblow views the html source for that particular page and finds the administrator password in the url.

Am I missing something????
 
nm. this only happens if sitebuilder, plesk, and the client domain are the same. my bad.
 
You must log in or register to reply here.

Similar threads

presswizards
Resolved No changelog on Oct-Nov 2025 Imunify AI-bolit vulnerability? Imunify extension patched or not?
Replies
2
Views
2K
presswizards
presswizards
J
Question XMLAPI Permission denied
Replies
2
Views
2K
Aleksei Fedorov
A
R
Question WebMail can't reactivate
Replies
1
Views
422
Kaspar
K
A
Issue Hostname and subscription with same domain name - SSL issues
Replies
7
Views
774
Andrea Bampi
A
Azurel
Issue Different version of "SSL/TLS Certificate for"
Replies
1
Views
726
scsa20
scsa20
Back
Top