Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and previous versions, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and previous versions 2.2 versions, allows remote malicious users to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server |
||
canonical ubuntu linux 6.06 |
||
opensuse opensuse 10.2 |
||
canonical ubuntu linux 7.10 |
||
apple mac os x |
||
opensuse opensuse 11.0 |
||
opensuse opensuse 10.3 |
||
canonical ubuntu linux 8.04 |