6 matches found
CVE-2012-4360
creationtimestamp| type| source ---|---|--- 2023-11-13 01:28:30+00:00| seen| https://t.me/arpsyndicate/137 2024-10-15 10:14:15+00:00| seen| Telegram/HfSunJuoYNfbsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ...
Apache 'mod_pagespeed'模块跨站脚本执行和安全限制绕过漏洞
BUGTRAQ ID: 55536 CVE ID: CVE-2012-4001 CVE-2012-4360 modpagespeed是开源的Apache模块,可自动优化网页和资源。 Apache 'modpagespeed'模块存在跨站脚本执行和安全限制绕过漏洞,成功利用后可允许攻击者绕过某些安全限制、执行任意脚本代码、窃取Cookie身份验证凭证并执行某些管理员操作。 0 Apache Group modpagespeed 0.10.22.6 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2012-4360
Cross-site scripting XSS vulnerability in the modpagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-4360
CVE-2012-4360 is a cross-site scripting flaw in the mod_pagespeed Apache module (versions 0.10.19.1–0.10.22.4) that allowed remote attackers to inject arbitrary script via unspecified vectors. The issue affects Apache HTTP Server deployments using mod_pagespeed and could enable execution of JavaS...
FreeBSD : mod_pagespeed -- multiple vulnerabilities (178ba4ea-fd40-11e1-b2ae-001fd0af1a4c)
Google Reports : modpagespeed 0.10.22.6 is a security update that fixes two critical issues that affect earlier versions : - CVE-2012-4001, a problem with validation of own host name. - CVE-2012-4360, a cross-site scripting attack, which affects versions starting from 0.10.19.1. The effect of the...
mod_pagespeed -- multiple vulnerabilities
Google Reports: modpagespeed 0.10.22.6 is a security update that fixes two critical issues that affect earlier versions: CVE-2012-4001, a problem with validation of own host name. CVE-2012-4360, a cross-site scripting attack, which affects versions starting from 0.10.19.1. The effect of the first...