CVE-2008-0005

Priority
Description
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev,
and 1.3.x before 1.3.40-dev does not define a charset, which allows remote
attackers to conduct cross-site scripting (XSS) attacks using UTF-7
encoding.
Notes
jdstrandredhat has patch for all releases
Package
Upstream:needs-triage
Package
Upstream:released (2.2.8)
More Information

Updated: 2019-12-05 20:47:30 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)