Fix mod_status XSS CVE-2007-6388:

A flaw was found in the mod_status module. On sites where mod_status
is enabled and the status pages were publicly accessible, a cross-site
scripting attack is possible. Note that the server-status page is
not enabled by default and it is best practice to not make this
publicly available.

Fix mod_imap XSS CVE-2007-5000:
A flaw was found in the mod_imap module. On sites where mod_imap
is enabled and an imagemap file is publicly available, a cross-site
scripting attack is possible.

ok miod@

0 files changed, 0 insertions, 0 deletions