ALAS-2013-175 ---- httpd24, mod24_sessionID: oval:org.secpod.oval:def:1600206 | Date: (C)2016-05-19 (M)2023-12-07 |
Class: PATCH | Family: unix |
Multiple cross-site scripting vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string. Multiple cross-site scripting vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the mod_imagemap, mod_info, mod_ldap, mod_proxy_ftp, and mod_status modules.
Platform: |
Amazon Linux AMI |
Product: |
httpd24 |
mod24_session |