PublicDate: 2008-01-08 19:46:00 UTC
Candidate: CVE-2007-6421
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421
 https://ubuntu.com/security/notices/USN-575-1
Description:
 Cross-site scripting (XSS) vulnerability in balancer-manager in
 mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows
 remote attackers to inject arbitrary web script or HTML via the (1) ss, (2)
 wr, or (3) rr parameters, or (4) the URL.
Ubuntu-Description:
Notes:
 jdstrand> redhat has patch
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_apache2:
upstream_apache2: needs-triage
dapper_apache2: released (2.0.55-4ubuntu2.3)
edgy_apache2: released (2.0.55-4ubuntu4.2)
feisty_apache2: released (2.2.3-3.2ubuntu2.1)
gutsy_apache2: released (2.2.4-3ubuntu0.1)
devel_apache2: not-affected (2.2.8-1)