CVE-2012-4360

CVE-2012-4360 is a cross-site scripting flaw in the mod_pagespeed Apache module (versions 0.10.19.1–0.10.22.4) that allowed remote attackers to inject arbitrary script via unspecified vectors. The issue affects Apache HTTP Server deployments using mod_pagespeed and could enable execution of JavaS...

CVE-2012-4001

CVE-2012-4001 affects the mod_pagespeed module for the Apache HTTP Server (versions before 0.10.22.6). The vulnerability arises from improper verification of the module’s host name, allowing remote attackers to trigger HTTP requests to arbitrary hosts (demonstrated via intranet targets) due to an...