Description

Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2007-6388

Related Vulnerabilities

Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)

Perl Other Vulnerability (CVE-2011-0761)

WordPress Plugin Videos on Admin Dashboard Cross-Site Scripting (1.1.3)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16223)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2326)

Severity

Medium

Classification

CVE-2007-6388 CWE-707

Tags

Missing Update Known Vulnerabilities