9 matches found
MiracleLinux 9 : mod_jk-1.2.49-1.el9, mod_proxy_cluster-1.3.20-1.el9 (AXSA:2024-7930:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7930:01 advisory. httpd: Apache Tomcat Connectors modjk Information Disclosure CVE-2023-41081 modcluster/modproxycluster: Stored Cross site Scripting CVE-2023-6710...
SUSE CVE-2023-6710
A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...
Oracle Linux 9 : mod_jk / and / mod_proxy_cluster (ELSA-2024-2387)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2387 advisory. modjk 1.2.49-1 - Related: RHEL-27511 - Rebase to upstream 1.2.49 release modproxycluster 1.3.20-1 - Rebase modcluster to upstream 1.3.20.Final tag -...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 security update
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Exploit for Cross-site Scripting in Modcluster Mod_Proxy_Cluster
CVE-2023-6710 Exploit POC Explore the depths of CVE-2023-6710...
Exploit for Cross-site Scripting in Modcluster Mod_Proxy_Cluster
CVE-2023-6710 Exploit POC Explore the depths of CVE-2023-6710...
CVE-2023-6710
A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...
CVE-2023-6710
CVE-2023-6710 describes a stored XSS in Apache HTTP Server’s mod_proxy_cluster (mod_cluster) when the attacker injects a script via the alias URL parameter, which can render on the cluster-manager page. Root cause: improper handling in mod_proxy_cluster/mod_cluster allowing stored script executio...
CVE-2023-6710 Mod_cluster/mod_proxy_cluster: stored cross site scripting
A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...