Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability

To exploit this issue, attackers must be able to control the name of a file on the vulnerable server and to entice a victim into following a malicious URI.

The following proof-of-concept example if available:


 

Privacy Statement
Copyright 2010, SecurityFocus