Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability May 12 2008 07:31PM
cxib securityreason com
It is not apache issue. You recrive 403 status, so charset is set in Header. Charset should not be in meta tags. Issue exist, when apache send response without charset in header AND meta tags. Probably you are using old browser without standard settings.

Best Regards,

Maksymilian Arciemowicz

securityreason.com

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus