Apache HTTP Server Cross-Site Scripting (XSS) in URL Handling

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Apache HTTP Server Cross-Site Scripting (XSS) in URL Handling

MINI-q87h-gm4q-jv9c

Summary

Apache HTTP Server may allow an attacker to inject malicious JavaScript code into a website, potentially stealing user data or manipulating the site's content. This affects websites that use Apache HTTP Server with a specific configuration. To mitigate this issue, update to the latest version of Apache HTTP Server or adjust the configuration to prevent the vulnerability.

What to do

Update teleport-fips-18 to version 18.7.2-r0.

Affected software

Vendor	Product	Affected versions	Fix available
–	teleport-fips-18	<= 18.7.2-r0	18.7.2-r0

Original title

MINI-q87h-gm4q-jv9c

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026