CVE-2012-2687

Source
https://nvd.nist.gov/vuln/detail/CVE-2012-2687
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2012-2687.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2012-2687
Downstream
Related
Published
2012-08-22T19:55:01Z
Modified
2025-08-09T20:01:27Z
Summary
[none]
Details

Multiple cross-site scripting (XSS) vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.

References

Affected packages