Описание
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
Ссылки
- Broken Link
- Broken LinkMailing List
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-de ...
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
ELSA-2008-0008: Moderate: httpd security update (MODERATE)
EPSS
4.3 Medium
CVSS2