CVE-2007-6388
Apache HTTP Server <2.2.7-2.0.62-1.3.40 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (94)
... and 74 more
Scores
EPSS
0.8687
EPSS Percentile
99.4%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
apache/http_server
< 1.3.39
Timeline
Published
Jan 08, 2008
Tracked Since
Feb 18, 2026