]> granicus.if.org Git - apache/commit
projects / apache / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b99945e) | patch
Fix CVE-2007-5000:
authorJoe Orton <jorton@apache.org>
Tue, 11 Dec 2007 16:02:23 +0000 (16:02 +0000)
committerJoe Orton <jorton@apache.org>
Tue, 11 Dec 2007 16:02:23 +0000 (16:02 +0000)
commit5b442e5f1b9b81bfe8299259671ec43d3be129c3
tree529c2b2d7368afddbc10daf11838f070fc259e94tree | snapshot
parentb99945ec40082848f165df81b61a29f62d5328c0commit | diff
Fix CVE-2007-5000:

* modules/mappers/mod_imagemap.c (menu_header): Fix
  cross-site-scripting issue by escaping the URI, and ensure that a
  charset parameter is sent in the content-type to prevent
  autodetection by broken browsers.

Reported by: JPCERT

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@603282 13f79535-47bb-0310-9956-ffa450edef68
modules/mappers/mod_imagemap.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.