VulnerableCode Vulnerability Details - VCID-kgpj-aexq-7kah

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-kgpj-aexq-7kah

Essentials
Severities (8)
References (13)
Severity details (1)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-kgpj-aexq-7kah
Aliases	CVE-2007-6388
Summary	A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.
Status	Published
Exploitability	2.0
Weighted Severity	4.8
Risk	9.6
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

System	Score	Found at
epss	0.85047	https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss	0.85047	https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss	0.85047	https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss	0.85047	https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss	0.85047	https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss	0.85047	https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss	0.85047	https://api.first.org/data/v1/epss?cve=CVE-2007-6388
apache_httpd	moderate	https://httpd.apache.org/security/json/CVE-2007-6388.json

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json
		https://api.first.org/data/v1/epss?cve=CVE-2007-6388
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
427228		https://bugzilla.redhat.com/show_bug.cgi?id=427228
CVE-2007-6388		https://httpd.apache.org/security/json/CVE-2007-6388.json
RHSA-2008:0004		https://access.redhat.com/errata/RHSA-2008:0004
RHSA-2008:0005		https://access.redhat.com/errata/RHSA-2008:0005
RHSA-2008:0006		https://access.redhat.com/errata/RHSA-2008:0006
RHSA-2008:0007		https://access.redhat.com/errata/RHSA-2008:0007
RHSA-2008:0008		https://access.redhat.com/errata/RHSA-2008:0008
RHSA-2008:0263		https://access.redhat.com/errata/RHSA-2008:0263
RHSA-2008:0523		https://access.redhat.com/errata/RHSA-2008:0523
USN-575-1		https://usn.ubuntu.com/575-1/

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.99344
EPSS Score	0.85047
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:36:14.826472+00:00	Apache HTTPD Importer	Import	https://httpd.apache.org/security/json/CVE-2007-6388.json	38.0.0