CVE-2019-10092

MEDIUM NUCLEI LAB

Apache HTTP Server <2.4.40 - XSS

Title source: llm

Description

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.

Exploits (3)

exploitdb WRITEUP

by Sebastian Neef · webappsmultiple

https://www.exploit-db.com/exploits/47688

View Code ZIP pw:eip

nomisec WORKING POC 5 stars

by motikan2010 · poc

https://github.com/motikan2010/CVE-2019-10092_Docker

View Code ZIP pw:eip

nomisec SUSPICIOUS

by mbadanoiu · poc

https://github.com/mbadanoiu/CVE-2019-10092

View Code ZIP pw:eip

Nuclei Templates (1)

Apache HTTP Server <=2.4.39 - HTML Injection/Partial Cross-Site Scripting

MEDIUMby pdteam

Shodan: cpe:"cpe:2.3:a:apache:http_server" || apache 2.4.49

References (34)

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2019/08/15/4

[Mailing List] http://www.openwall.com/lists/oss-security/2020/08/08/1

[Mailing List] http://www.openwall.com/lists/oss-security/2020/08/08/9

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2019:4126

[Exploit, Third Party Advisory] https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd

[Vendor Advisory] https://httpd.apache.org/security/vulnerabilities_24.html

[Mailing List] https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html

[Mailing List, Third Party Advisory] https://seclists.org/bugtraq/2019/Aug/47

[Mailing List, Third Party Advisory] https://seclists.org/bugtraq/2019/Oct/24

[Third Party Advisory] https://security.gentoo.org/glsa/201909-04

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20190905-0003/

[Third Party Advisory] https://support.f5.com/csp/article/K30442259

[Patch, Third Party Advisory] https://usn.ubuntu.com/4113-1/

[Third Party Advisory] https://www.debian.org/security/2019/dsa-4509

[Patch, Third Party Advisory] https://www.oracle.com/security-alerts/cpuapr2020.html

... and 14 more

Scores

CVSS v3 6.1

EPSS 0.8238

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Lab Environment

COMMUNITY

Community Lab

docker pull httpd:2.2

https://github.com/motikan2010/CVE-2019-10092_Docker

https://github.com/mbadanoiu/CVE-2019-10092

View in Library

Details

CWE

CWE-79

Status published

Products (21)

apache/http_server 2.4.0 - 2.4.39

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 18.04

canonical/ubuntu_linux 19.04

debian/debian_linux 8.0

debian/debian_linux 9.0

debian/debian_linux 10.0

fedoraproject/fedora 30

netapp/clustered_data_ontap 9.6 (6 CPE variants)

netapp/clustered_data_ontap < 9.5

... and 11 more

Published Sep 26, 2019

Tracked Since Feb 18, 2026