“This page contains information about the Cross Site Scripting
security issue, how it impacts Apache itself, and how to properly
protect against it when using Apache related technologies.”
“We would like to emphasize that this is not an attack against
any specific bug in a specific piece of software. It is not an
Apache problem. It is not a Microsoft problem. It is not a Netscape
problem. In fact, it isn’t even a problem that can be clearly
defined to be a server problem or a client problem. It is an issue
that is truly cross platform and is the result of unforeseen and
unexpected interactions between various components of a set of
interconnected complex systems.”
“We would also like to point out that it is important to
understand that this is not the old, well known issue, that if a
site allows user A to submit content that is viewed by user B, it
has to be properly encoded. This vulnerability is when the content
is both submitted and viewed strictly by user A. Due to the
difficulty of properly encoding output in all situations, many
sites do not worry about encoding data that is only shown to the
user that sent the data in their request due to the mistaken
assumption that this doesn’t pose a security threat.”
“This is a serious security issue, with potential
implications that are only starting to be understood.”
Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.