CVE-2006-5752

Priority
Description
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status
module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a
public server-status page is used, allows remote attackers to inject
arbitrary web script or HTML via unspecified vectors involving charsets
with browsers that perform "charset detection" when the content-type is not
specified.
Notes
Package
Upstream:needs-triage
More Information

Updated: 2020-03-18 21:54:38 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)