apache -- mod_imap cross-site scripting flaw

ID 9FFF8DC8-7AA7-11DA-BF72-00123F589060
Type freebsd
Reporter FreeBSD
Modified 2009-01-23T00:00:00


The Apache HTTP Server Project reports:

A flaw in mod_imap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers.