Description

mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.

Remediation

References

CVE-2009-1191

Related Vulnerabilities

WordPress Plugin Form Builder Cross-Site Scripting (1.2.0)

WordPress Plugin Advanced Page Manager Cross-Site Scripting (1.4.1)

MediaWiki Missing Authorization Vulnerability (CVE-2019-12469)

Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-0156)

b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5553)

Severity

Medium

Classification

CVE-2009-1191

Tags

Missing Update Known Vulnerabilities