Lucene search
K

29 matches found

SUSE CVE
SUSE CVE
added 2025/07/10 11:33 p.m.3 views

SUSE CVE-2024-47252

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

5.3CVSS6.8AI score0.00669EPSS
Exploits0References14
OSV
OSV
added 2025/07/10 5:15 p.m.1 views

DEBIAN-CVE-2024-47252

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

7.5CVSS7.2AI score0.00669EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 5:15 p.m.3 views

ALPINE-CVE-2024-47252

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

7.5CVSS6.8AI score0.00669EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/10 4:55 p.m.2 views

CVE-2024-47252 Apache HTTP Server: mod_ssl error log variable escaping

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

6AI score0.00669EPSS
Exploits0References1
Citrix
Citrix
added 2023/10/31 12:0 a.m.17 views

How to create a custom log when a user 'logs in' or 'logs out' of the Gateway session.

Demonstrate on Citrix Gateway How to create a custom log when a user 'logs in' or 'logs out' of the Gateway to a Storefront session...

7AI score
Exploits0
NVD
NVD
added 2023/08/02 1:15 p.m.18 views

CVE-2023-26448

Custom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit...

5.4CVSS5.6AI score0.00558EPSS
Exploits0References4
Prion
Prion
added 2023/08/02 1:15 p.m.18 views

Code injection

Custom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit...

4.9CVSS5.7AI score0.00558EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/08/02 12:23 p.m.19 views

CVE-2023-26448

Custom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit...

5.4CVSS5.9AI score0.00558EPSS
Exploits0References4
Kitploit
Kitploit
added 2015/04/29 1:13 a.m.47 views

GoAccess - Real-time Web Log Analyzer and Interactive Viewer

GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in nix systems. It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. Features GoAccess parses the specified web log file and...

7.2AI score
Exploits0
Rows per page
Query Builder