1 results (0.006 seconds)

CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0

Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.x, 1.0.22.7, 1.1.x, 1.24.1, 1.3.25.1 through 1.3.25.4, 1.4.26.1 through 1.4.26.4, 1.5.27.1 through 1.5.27.3, and 1.6.29.1 through 1.6.29.6 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-site scripting (XSS) en el módulo mod_pagespeed 0.x, 1.0.22.7, 1.1.x, 1.24.1, hasta 1.3.25.1 1.3.25.4, 1.4.26.1 nasta1.4.26.4, 1.5.27.1 hasta 1.5. 27.3 y 1.6.29.1 1.6.29.6 hasta de Apache HTTP Server permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://osvdb.org/99081 http://secunia.com/advisories/55429 http://www.securitytracker.com/id/1029262 https://groups.google.com/d/msg/mod-pagespeed-announce/oo015UHRxMc/JcAuf1hE8L8J • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •