Intrusion Prevention



This indicates an attempt to exploit a cross site scripting (XSS) vulnerability in Apache HTTP Server.
The vulnerability is due to lack of validation of user supplied input data. It may be exploited by remote attackers to execute arbitrary HTML code on a target user's web browser, within the context of a trusted web site.

Affected Products

Apache HTTP Server, 1.3.0 to 1.3.9
Apache HTTP Server, 2.0.35 to 2.2.6


System Compromise.

Recommended Actions

Upgrade to the latest version of Apache (2.2.7-dev or later):

CVE References