Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness

Apache is prone to a cross-site scripting weakness when handling HTTP request methods that result in 413 HTTP errors.

An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.

Apache 2.0.46 through 2.2.4 are vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus