Vulnerability
Description
A restricted cross-site scripting vulnerability was reported in Apache HTTP Server 2.4.0-2.4.39, affecting the mod proxy error page. An attacker might make the link on the error page faulty, causing it to redirect to a URL of their choosing. This would only be exploitable if a server was set up with proxying enabled but the Proxy Error page was displayed due to a configuration error.
Recommendation
Update Apache to the latest version
Correctly configure the Proxy settings
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
