Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability

Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability

From: <cxib_at_securityreason.com>
Date: 12 May 2008 19:31:00 -0000

('binary' encoding is not supported, stored as-is) It is not apache issue. You recrive 403 status, so charset is set in Header. Charset should not be in meta tags. Issue exist, when apache send response without charset in header AND meta tags. Probably you are using old browser without standard settings.

Best Regards,
Maksymilian Arciemowicz
securityreason.com
Received on May 12 2008

This message: [ Message body ]
Next message: Pierre-Yves Rofes: "[ GLSA 200805-11 ] Chicken: Multiple vulnerabilities"
Previous message: security-alert_at_hp.com: "[security bulletin] HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS)"
Maybe in reply to: yos20053_at_gmail.com: "Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability"
Next in thread: Tom.Donovan_at_acm.org: "Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]