CVE-2008-0005

Priority
Description
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev,
and 1.3.x before 1.3.40-dev does not define a charset, which allows remote
attackers to conduct cross-site scripting (XSS) attacks using UTF-7
encoding.
Notes
jdstrandredhat has patch for all releases
Package
Upstream:needs-triage
Package
Upstream:released (2.2.8)
More Information

Updated: 2020-05-25 07:19:24 UTC (commit 11dafbc1d6a43b52e36edd3252d959cb6bc124fe)