What is the severity of CVE-2008-2168?

CVE-2008-2168 is classified as a moderate severity vulnerability.

How do I fix CVE-2008-2168?

To mitigate CVE-2008-2168, you should upgrade to Apache HTTP Server version 2.2.7 or later.

What type of vulnerability is CVE-2008-2168?

CVE-2008-2168 is a Cross-site Scripting (XSS) vulnerability.

Which versions of Apache HTTP Server are affected by CVE-2008-2168?

CVE-2008-2168 affects Apache HTTP Server versions 2.2.6 and earlier.

Can CVE-2008-2168 affect user data?

Yes, CVE-2008-2168 can lead to unauthorized access to user data through injection of malicious scripts.

Vulnerability/
CVE-2008-2168

medium

4.3

CWE

13/5/2008

7/8/2024

CVE-2008-2168: XSS

First published: Tue May 13 2008(Updated: )

Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Apache Http Server	=2.0.42
Apache Http Server	=2.2
Apache Http Server	=2.0.58
Apache Http Server	=2.0.47
Apache Http Server	=2.1
Apache Http Server	=2.0.56
Apache Http Server	=2.0.50
Apache Http Server	=2.2.2
Apache Http Server	=2.1.3
Apache Http Server	=2.2.4
Apache Http Server	=2.0.35
Apache Http Server	=2.0.37
Apache Http Server	=2.0.55
Apache Http Server	=2.1.2
Apache Http Server	=2.1.1
Apache Http Server	=2.0.44
Apache Http Server	=2.0.39
Apache Http Server	=2.0.52
Apache Http Server	=2.1.7
Apache Http Server	=2.0.53
Apache Http Server	=2.0.57
Apache Http Server	=2.0.51
Apache Http Server	=2.0.28-beta
Apache Http Server	=2.0.41
Apache Http Server	=2.0.49
Apache Http Server	=2.1.6
Apache Http Server	=2.0.9
Apache Http Server	=2.0.34-beta
Apache Http Server	=2.0.61
Apache Http Server	=2.0.32
Apache Http Server	=2.0.38
Apache Http Server	=2.1.4
Apache Http Server	=2.0.48
Apache Http Server	=2.0.45
Apache Http Server	=2.0.40
Apache Http Server	=2.1.5
Apache Http Server	=2.0.36
Apache Http Server	=2.2.3
Apache Http Server	=2.0.46
Apache Http Server	=2.0.54
Apache Http Server	=2.0.43
Apache Http Server	=2.0.59
Apache Http Server	=2.1.8
Apache Http Server	=2.0.28
Apache Http Server	=2.0
Apache Http Server	=2.0.32-beta
Apache Http Server	=2.2.1
Apache Http Server	=2.0.60
Apache Http Server

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-2168?
CVE-2008-2168 is classified as a moderate severity vulnerability.
How do I fix CVE-2008-2168?
To mitigate CVE-2008-2168, you should upgrade to Apache HTTP Server version 2.2.7 or later.
What type of vulnerability is CVE-2008-2168?
CVE-2008-2168 is a Cross-site Scripting (XSS) vulnerability.
Which versions of Apache HTTP Server are affected by CVE-2008-2168?
CVE-2008-2168 affects Apache HTTP Server versions 2.2.6 and earlier.
Can CVE-2008-2168 affect user data?
Yes, CVE-2008-2168 can lead to unauthorized access to user data through injection of malicious scripts.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/references
agent/description
agent/first-publish-date
agent/event
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/weakness
agent/softwarecombine
agent/tags
agent/source
vendor/apache
canonical/apache http server
version/apache http server/2.0.42
version/apache http server/2.2
version/apache http server/2.0.58
version/apache http server/2.0.47
version/apache http server/2.1
version/apache http server/2.0.56
version/apache http server/2.0.50
version/apache http server/2.2.2
version/apache http server/2.1.3
version/apache http server/2.2.4
version/apache http server/2.0.35
version/apache http server/2.0.37
version/apache http server/2.0.55
version/apache http server/2.1.2
version/apache http server/2.1.1
version/apache http server/2.0.44
version/apache http server/2.0.39
version/apache http server/2.0.52
version/apache http server/2.1.7
version/apache http server/2.0.53
version/apache http server/2.0.57
version/apache http server/2.0.51
version/apache http server/2.0.28-beta
version/apache http server/2.0.41
version/apache http server/2.0.49
version/apache http server/2.1.6
version/apache http server/2.0.9
version/apache http server/2.0.34-beta
version/apache http server/2.0.61
version/apache http server/2.0.32
version/apache http server/2.0.38
version/apache http server/2.1.4
version/apache http server/2.0.48
version/apache http server/2.0.45
version/apache http server/2.0.40
version/apache http server/2.1.5
version/apache http server/2.0.36
version/apache http server/2.2.3
version/apache http server/2.0.46
version/apache http server/2.0.54
version/apache http server/2.0.43
version/apache http server/2.0.59
version/apache http server/2.1.8
version/apache http server/2.0.28
version/apache http server/2.0
version/apache http server/2.0.32-beta
version/apache http server/2.2.1
version/apache http server/2.0.60