
NOTE: this only affects an "unsupported, production-like configuration." Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain.

In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special charactersĪn issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. NOTE: Obsidian is a specific version of the Plesk product: version numbers were used through version 12, and then the convention was changed so that versions are identified by names ("Obsidian"), not numbers.

Plesk Obsidian allows a CSRF attack, e.g., via the /api/v2/cli/commands REST API to change an Admin password.
