Greenguy's Board

Greenguy's Board (http://www.greenguysboard.com/board/index.php)
-   Programming & Scripting (http://www.greenguysboard.com/board/forumdisplay.php?f=15)
-   -   New Apache Cross site scripting vulnerability (http://www.greenguysboard.com/board/showthread.php?t=28314)

ScannerX 2006-01-25 11:41 AM
New Apache Cross site scripting vulnerability
 
Input passed in the URL isn't properly sanitized before being used by the Web-Access-Log viewer. This can be exploited to execute arbitrary JavaScript code in user's browser session in context of an affected website when a malicious log entry is viewed in Geronimo-admin.
http://issues.apache.org/jira/browse/GERONIMO-1474

Ajay 2006-01-25 10:00 PM
Thread title is a little misleading....
 
This is a vulnerability for Geronimo (another project by the Apache team), not the Apache httpd server. |huh

http://geronimo.apache.org/

http://httpd.apache.org


All times are GMT -4. The time now is 11:03 AM.

Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
© Greenguy Marketing Inc