27 matches found
PT-2025-17610
Name of the Vulnerable Software and Affected Versions mod proxy cluster affected versions not specified Description A vulnerability was found in mod proxy cluster, where the directive does not restrict IP/host access as Require ip IP ADDRESS would suggest, allowing anyone with access to the host ...
mod_cluster/mod_proxy_cluster: Stored Cross site Scripting
A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...
mod_cluster/mod_proxy_cluster: Stored Cross site Scripting
A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...
mod_cluster/mod_proxy_cluster: Stored Cross site Scripting
A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...
Exploit for Cross-site Scripting in Modcluster Mod_Proxy_Cluster
CVE-2023-6710 Exploit POC Explore the depths of CVE-2023-6710...
CVE-2023-6710
A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...
PT-2023-32745 · Apache +2 · Apache Server +2
Name of the Vulnerable Software and Affected Versions: Apache server affected versions not specified Description: A flaw was found in the mod proxy cluster in the Apache server, which may allow a malicious user to add a script in the alias parameter in the URL to trigger a stored cross-site...