Description

Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.

Remediation

References

CVE-2007-6421

Related Vulnerabilities

WordPress Plugin WP Email Users SQL Injection (1.4.3)

WordPress Plugin Accept Stripe Donation-AidWP Security Bypass (2.8)

PHP Double Free Vulnerability (CVE-2016-5772)

Oracle HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-3822)

WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Request Forgery (2.6.1)

Severity

Low

Classification

CVE-2007-6421 CWE-707

Tags

Missing Update Known Vulnerabilities