CVE-2000-1205

CVSS 2.0 Score 4.3 of 10 (medium)

Details

Published Feb 1, 2000
Updated: Nov 20, 2024
CWE ID 79

Summary

CVE-2000-1205 is a cross-site scripting vulnerability affecting Apache 1.3.0 to 1.3.11. This issue allows remote attackers to inject and execute malicious scripts on other web visitors' browsers. The vulnerability exists in three different vectors: the printenv CGI (printenv.pl), pages generated by the ap_send_error_response function, and various messages generated by specific Apache modules or core code. The printenv CGI issue may still pose a risk for Internet Explorer and similar web browsers that can render text/plain content types as HTML, but CVE considers this a design limitation of these browsers rather than a flaw in Apache.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Apache Software Foundation Apache HTTP Server

Affected Vendors

  • Apache Software Foundation