CVE-2007-6388

Published: 08 January 2008

Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Priority

Low

Status

Package Release Status
apache
Launchpad, Ubuntu, Debian
Upstream Needs triage

apache2
Launchpad, Ubuntu, Debian
Upstream Needs triage