Description
Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Thrive Clever Widgets Security Bypass (1.56)
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16185)
WordPress Plugin Schema App Structured Data Unspecified Vulnerability (0.5.4)
WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (3.1.3)