|
|
Info |
Last Modified |
| 5 months ago |
|
|
|
|
|
This Entry needs help! It is only 40% Complete. Click the edit link above to add more information.
Contributing is fast and easy, and benefits the entire security community.
|
Description |
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
OSVDB:
Web Related
|
|
Products |
|
HTTP Server
 |
1.3.11 |
1.3.12 |
1.3.14 |
1.3.17 |
1.3.19 |
1.3.2 |
1.3.20 |
1.3.22 |
1.3.24 |
1.3.26 |
1.3.27 |
1.3.28 |
1.3.3 |
1.3.4 |
1.3.6 |
1.3.9 |
2.0.40 |
2.0.42 |
2.0.43 |
2.0.44 |
2.0.45 |
2.0.46 |
2.0.47 |
1.3.29 |
2.0.35 |
2.0.36 |
2.0.37 |
2.0.39 |
2.0.48 |
2.0.49 |
2.0.50 |
2.2.2 |
2.2.3 |
2.2.4 |
1.3.31 |
1.3.32 |
1.3.33 |
1.3.34 |
1.3.35 |
1.3.36 |
2.0.51 |
2.0.52 |
2.0.53 |
2.0.54 |
2.0.55 |
2.0.58 |
2.0.59 |
2.2.0 |
1.3.37
|
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
