Apache.mod_status.Status.Pages.XSS
Description
This indicates an attempt to exploit a Cross Site Scripting (XSS) vulnerability in Apache HTTP Server.
The vulnerability is due to lack of validation of user supplied data sent to the module "mod_status". It may be exploited by remote attackers to execute arbitrary HTML code on a target user's web browser, within the context of a trusted web site.
Affected Products
Apache HTTP Server 2.2.0 through 2.2.6
Apache 2.0.35 through 2.0.61
Apache 1.3.2 through 1.3.39
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for a suggested workaround.
http://httpd.apache.org/security/vulnerabilities_20.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |