Description

Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.

Remediation

References

CVE-2008-2168

Related Vulnerabilities

MySQL CVE-2016-7440 Vulnerability (CVE-2016-7440)

Oracle Database Server CVE-2009-1997 Vulnerability (CVE-2009-1997)

WordPress Plugin JC Coupon Cross-Site Scripting (2.5)

WordPress Plugin Simple 301 Redirects-Addon-Bulk Uploader Multiple Security Bypass Vulnerabilities (1.2.4)

WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.20)

Severity

Medium

Classification

CVE-2008-2168 CWE-707

Tags

Missing Update Known Vulnerabilities