WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle Database Server Other Vulnerability (CVE-2002-0840)

Description

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

Remediation

References

Related Vulnerabilities

Moodle Other Vulnerability (CVE-2019-10188)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5340)

WordPress Plugin Locatoraid Store Locator Cross-Site Request Forgery (3.9.11)

WordPress Plugin CiviCRM Security Bypass (5.35.1)

TwistedHTTP Request Splitting Vulnerability (CVE-2020-10108)

Severity

Medium

Classification

CVE-2002-0840

Tags

Missing Update Known Vulnerabilities