- Home
- CVEs with oval.description==Apache+HTTP+Server+2.0.x+and+2.2.x+does+not+sanitize+the+HTTP+Method+specifier+header+from+an+HTTP+request+when+it+is+reflected+back+in+a+%22413+Request+Entity+Too+Large%22+error+message%2C+which+might+allow+cross-site+scripting+%28XSS%29+style+attacks+using+web+client+components+that+can+send+arbitrary+headers+in+requests%2C+as+demonstrated+via+an+HTTP+request+containing+an+invalid+Content-length+value%2C+a+similar+issue+to+CVE-2006-3918.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top