Lucene search

K
httpdApache Team FoundationHTTPD:5B1A0576DB41649D344EAF9E44229D8A
HistoryDec 12, 2007 - 12:00 a.m.

Apache Httpd < 2.2.8 : mod_proxy_balancer XSS

2007-12-1200:00:00
Apache Team Foundation
httpd.apache.org
32

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

EPSS

0.005

Percentile

75.8%

A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, a cross-site scripting attack against an authorized user is possible.

Affected configurations

Vulners
Node
apacheapache_httpdMatch2.2.6
OR
apacheapache_httpdMatch2.2.5
OR
apacheapache_httpdMatch2.2.4
OR
apacheapache_httpdMatch2.2.3
OR
apacheapache_httpdMatch2.2.2
OR
apacheapache_httpdMatch2.2.0
VendorProductVersionCPE
apacheapache_httpd2.2.6cpe:2.3:a:apache:apache_httpd:2.2.6:*:*:*:*:*:*:*
apacheapache_httpd2.2.5cpe:2.3:a:apache:apache_httpd:2.2.5:*:*:*:*:*:*:*
apacheapache_httpd2.2.4cpe:2.3:a:apache:apache_httpd:2.2.4:*:*:*:*:*:*:*
apacheapache_httpd2.2.3cpe:2.3:a:apache:apache_httpd:2.2.3:*:*:*:*:*:*:*
apacheapache_httpd2.2.2cpe:2.3:a:apache:apache_httpd:2.2.2:*:*:*:*:*:*:*
apacheapache_httpd2.2.0cpe:2.3:a:apache:apache_httpd:2.2.0:*:*:*:*:*:*:*

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

EPSS

0.005

Percentile

75.8%