Apache mod_proxy HTML Injection / Partial XSS Vulnerability CVE-2019-10092 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

30

Apache mod_proxy HTML Injection / Partial XSS Vulnerability CVE-2019-10092 Scanner Detail

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page.

An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.

Some Advice for Common Problems

Update your Apache HTTP Server, to the latest version to eliminate this vulnerability.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service