Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cherokee cherokee httpd 0.1.6 |
||
cherokee cherokee httpd 0.2 |
||
cherokee cherokee httpd 0.4.8 |
||
cherokee cherokee httpd 0.4.9 |
||
cherokee cherokee httpd 0.2.5 |
||
cherokee cherokee httpd 0.2.6 |
||
cherokee cherokee httpd 0.5 |
||
cherokee cherokee httpd 0.2.7 |
||
cherokee cherokee httpd 0.4.17 |
||
cherokee cherokee httpd 0.1 |
||
cherokee cherokee httpd 0.1.5 |
||
cherokee cherokee httpd 0.4.6 |
||
cherokee cherokee httpd 0.4.7 |