Apache Server HTML Injection and UTF-7 XSS Vulnerability
This vulnerability was found by Yaniv Miron and Yossi Yakubov.
This vulnerability will allow an attacker to inject an XSS to any
Apache server that use the Forbidden 403 default page.
After injecting this string:
http://www.victim.com/Znl5g3...
This vulnerability was found by Yaniv Miron and Yossi Yakubov.
This vulnerability will allow an attacker to inject an XSS to any
Apache server that use the Forbidden 403 default page.
After injecting this string:
http://www.victim.com/Znl5g3...
[ more ]