Plesk Onyx 17.5.3 Admin panel XSS

Plesk . Powerful and simple . One of the most used control panel for hostings on the internet.
So why not try find something in it ?
plesk gives you 20 day trial and thats enough for finding bugs i guess.
Plesk Onyx comes with feature called MagicSpam vulnerable to reflected XSS.
Note that MagicSpam is not plesk product but a thirdparty program included in plesk by default.
The option is only available for server's admin which can compromise whole server by exploiting it on server owner machine
http://plesk/modules/magicspam/?module=support'<IMG """><SCRIPT>alert('XSSed')</SCRIPT>"> Plesk notified and will inform magicspam about their vulnerability .
patch will be available in next release