Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability

No description provided by source. http://www.example.com/perl-status/APR::SockAddr::port/%22%3E%3Cscript%3Ealert1%3C/script%3E...

Mandrake Security Advisory MDVSA-2009:091 (mod_perl)

The remote host is missing an update to modperl announced via advisory MDVSA-2009:091. OpenVAS Vulnerability Test $Id: mdksa2009091.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:091 modperl Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

CVE-2009-0796

Cross-site scripting XSS vulnerability in Status.pm in Apache::Status and Apache2::Status in modperl1 and modperl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI...

Apache mod_perl 'Apache::Status'和'Apache2::Status'跨站脚本漏洞

BUGTRAQ ID: 34383 CVE ID：CVE-2009-0796 CNCVE ID：CNCVE-20090796 Apache是一款开放源代码的WEB服务程序。 Apache modperl 'Apache::Status'和'Apache2::Status'存在跨站脚本攻击，远程攻击者可以利用漏洞获得敏感信息。 目前没有详细漏洞细节提供。 Apache Software Foundation modperl 2.0.4 Apache Software Foundation modperl 2.0.3 Apache Software Foundation modperl...

mod_perl Apache::Status URI XSS

The remote web server contains an embedded Perl interpreter along with a version of Apache2::Status / Apache::Status that fails to sanitize the request URL before using it to generate dynamic HTML output. An attacker may be able to leverage this to inject arbitrary HTML and script code into a...

mod_perl -- cross-site scripting

Secunia reports: Certain input passed to the "Apache::Status" and "Apache2::Status" modules is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website...