Описание
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| edgy | ignored | end of life, was needs-triage |
| feisty | ignored | end of life, was needs-triage |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.0.55-4ubuntu2.3 |
| devel | not-affected | 2.2.8-1 |
| edgy | released | 2.0.55-4ubuntu4.2 |
| feisty | released | 2.2.3-3.2ubuntu2.1 |
| gutsy | released | 2.2.4-3ubuntu0.1 |
| hardy | not-affected | 2.2.8-1 |
| intrepid | not-affected | 2.2.8-1 |
| jaunty | not-affected | 2.2.8-1 |
| karmic | not-affected | 2.2.8-1 |
| upstream | released | 2.2.8 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-de ...
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
ELSA-2008-0008: Moderate: httpd security update (MODERATE)
EPSS
4.3 Medium
CVSS2