Vulnerability Description
Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mod Pagespeed | 0.10.19.1 | |
| Apache | Http Server | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/85430
- https://developers.google.com/speed/docs/mod_pagespeed/CVE-2012-4360Vendor Advisory
- https://developers.google.com/speed/docs/mod_pagespeed/announce-0.10.22.6Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78563
- http://osvdb.org/85430
- https://developers.google.com/speed/docs/mod_pagespeed/CVE-2012-4360Vendor Advisory
- https://developers.google.com/speed/docs/mod_pagespeed/announce-0.10.22.6Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78563
FAQ
What is CVE-2012-4360?
CVE-2012-4360 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecifi...
How severe is CVE-2012-4360?
CVE-2012-4360 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4360?
Check the references section above for vendor advisories and patch information. Affected products include: Google Mod Pagespeed, Apache Http Server.