Apache Httpd < 2.2.2: mod_imap Referer Cross-Site Scripting

ID HTTPD:86B13C85F68E8D147B32F80CDEF73D8E
Type httpd
Reporter Apache Team Foundation
Modified 2006-05-01T00:00:00


A flaw in mod_imap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers.