NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-29170

Summary	A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or reverse proxy configuration. Users are recommended to upgrade to version 2.4.68, which fixes this issue.
Publication Date	June 9, 2026, 1:16 a.m.
Registration Date	June 9, 2026, 4:15 a.m.
Last Update	June 9, 2026, 1:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://httpd.apache.org/security/vulnerabilities_24.html	security@apache.org

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html