Apache Httpd < 2.0.58: mod_imap Referer Cross-Site Scripting

ID HTTPD:6A6D246162DDA1D862484083299ECC4C
Type httpd
Reporter Apache Team Foundation
Modified 2006-05-01T00:00:00


A flaw in mod_imap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers.