Apache Httpd < 2.4.3: XSS in mod_negotiation when untrusted uploads are supported

2012-05-31T00:00:00
ID HTTPD:4F2A124FF64B300D54EB3AA3BBB4F08E
Type httpd
Reporter Apache Team Foundation
Modified 2012-08-21T00:00:00

Description

Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled.

Note: This issue is also known as CVE-2008-0455.