Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6388)

Description

Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

Related Vulnerabilities

MySQL CVE-2019-2623 Vulnerability (CVE-2019-2623)

WordPress Plugin W3 Total Cache Arbitrary File Disclosure (0.9.3)

Oracle JRE CVE-2013-0433 Vulnerability (CVE-2013-0433)

WordPress Plugin MAZ Loader-Preloader Builder for WordPress SQL Injection (1.3.2)

Joomla Improper Input Validation Vulnerability (CVE-2006-4466)

Severity

Medium

Classification

CVE-2007-6388 CWE-707

Tags

Missing Update Known Vulnerabilities