Description
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2005-0524)
WordPress Plugin Audio Record Arbitrary File Upload (1.0)
Moodle Incorrect Authorization Vulnerability (CVE-2021-20282)
MongoDb Insufficient Session Expiration Vulnerability (CVE-2019-2386)
WordPress Plugin All In One Schema.org Rich Snippets Cross-Site Scripting (1.4.4)