What is CVE-2012-4558?

CVE-2012-4558 is a vulnerability in Apache Http_server, classified under Cross-site Scripting. Published 2013-02-26.

Is CVE-2012-4558 known to be exploited?

26 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Apache Http_server

CVE-2012-4558

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.582 (98.2th percentile) — read the EPSS interpretation.

Affected products

Apache Http_server — versions 2.2, 2.2.0, 2.2.1
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

References

SSRT101139 (x_refsource_HP, vendor-advisory)
oval:org.mitre.oval:def:18977 (x_refsource_OVAL, signature, vdb-entry)
58165 (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
secalert@redhat.com (x_refsource_CONFIRM)
FEDORA-2013-4541 (x_refsource_FEDORA, vendor-advisory)
RHSA-2013:1209 (x_refsource_REDHAT, vendor-advisory)
RHSA-2013:0815 (x_refsource_REDHAT, vendor-advisory)
RHSA-2013:1207 (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2012-4558?: CVE-2012-4558 is a vulnerability in Apache Http_server, classified under Cross-site Scripting. Published 2013-02-26.
Is CVE-2012-4558 known to be exploited?: 26 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.