WordPress Password Reset CVE-2017-8295 Security Bypass Vulnerability - Windows

WordPress is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress";...

Debian DSA-181-1 : libapache-mod-ssl - XSS

Joe Orton discovered a cross site scripting problem in modssl, an Apache module that adds Strong cryptography i.e. HTTPS support to the webserver. The module will return the server name unescaped in the response to an HTTP request on an SSL port. Like the other recent Apache XSS bugs, this only...

CVE-2002-0840

CVE-2002-0840 is a cross-site scripting (XSS) vulnerability in the default error page of Apache. It affects Apache 2.0 before 2.0.43 and 1.3.x up to 1.3.26, when UseCanonicalName is set to off and wildcard DNS is supported. An attacker can inject script via the Host header to execute in other vis...

security flaw

Cross-site scripting vulnerability in the modssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a...

security flaw

Cross-site scripting XSS vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different...

Apache HTTPD server vulnerable to cross site scripting on error page when using wildcard DNS

Overview Versions of the Apache HTTPD server with wildcard DNS enabled and UseCanonicalName disabled, are vulnerable to a cross-site scripting attack. Description Apache HTTPD servers versions 2.0.42 and prior, and 1.3.26 and prior, with wildcard DNS enabled and UseCanonicalName disabled, are...