apache22 -- several vulnerabilities

2012-10-07T00:00:00
ID 9C88D8A8-8372-11E2-A010-20CF30E32F6D
Type freebsd
Reporter FreeBSD
Modified 2012-10-07T00:00:00

Description

Apache HTTP SERVER PROJECT reports:

low: XSS due to unescaped hostnames CVE-2012-3499 Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp. moderate: XSS in mod_proxy_balancer CVE-2012-4558 A XSS flaw affected the mod_proxy_balancer manager interface.