According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.4. It is, therefore, affected by the following cross-site scripting vulnerabilities :
Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross- site scripting attacks. (CVE-2012-3499)
An error exists related to the mod_proxy_balancer module’s manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)
Note that the scanner did not actually test for these issues, but instead has relied on the version in the server’s banner.
No source data
Vendor | Product | Version | CPE |
---|---|---|---|
apache | http_server | * | cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* |