WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5000)

Description

Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

Related Vulnerabilities

WordPress Plugin BSK PDF Manager Multiple SQL Injection Vulnerabilities (1.3.2)

Drupal Core 7.x Security Bypass (7.0 - 7.87)

Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19039)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4332)

WordPress Plugin WP Telegram (Auto Post and Notifications) Unspecified Vulnerability (2.1.8)

Severity

Medium

Classification

CVE-2007-5000 CWE-707

Tags

Missing Update Known Vulnerabilities