Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-4558

Опубликовано: 18 фев. 2013
Источник: redhat
CVSS2: 4.3
EPSS Средний

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat JBoss Enterprise Web Server 1httpdWill not fix
Red Hat Enterprise Linux 5httpdFixedRHSA-2013:081513.05.2013
Red Hat Enterprise Linux 6httpdFixedRHSA-2013:081513.05.2013
Red Hat JBoss Enterprise Application Platform 6.1httpdFixedRHSA-2013:120904.09.2013
Red Hat JBoss Enterprise Application Platform 6 for RHEL 5apache-commons-beanutilsFixedRHSA-2013:120704.09.2013
Red Hat JBoss Enterprise Application Platform 6 for RHEL 5apache-commons-daemon-jsvc-eap6FixedRHSA-2013:120704.09.2013
Red Hat JBoss Enterprise Application Platform 6 for RHEL 5apache-cxfFixedRHSA-2013:120704.09.2013
Red Hat JBoss Enterprise Application Platform 6 for RHEL 5apache-cxf-xjc-utilsFixedRHSA-2013:120704.09.2013
Red Hat JBoss Enterprise Application Platform 6 for RHEL 5hibernate4FixedRHSA-2013:120704.09.2013
Red Hat JBoss Enterprise Application Platform 6 for RHEL 5hornetqFixedRHSA-2013:120704.09.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=915884httpd: XSS flaw in mod_proxy_balancer manager interface

EPSS

Процентиль: 98%
0.56125
Средний

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-4558

ubuntu
больше 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.

nvd логотип

CVE-2012-4558

nvd
больше 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.

debian логотип

CVE-2012-4558

debian
больше 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_ha ...

github логотип

GHSA-gvpv-mmxx-g3g2

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.

oracle-oval логотип

ELSA-2013-0815

oracle-oval
больше 12 лет назад

ELSA-2013-0815: httpd security update (MODERATE)

EPSS

Процентиль: 98%
0.56125
Средний

4.3 Medium

CVSS2