VulnerableCode Vulnerability Details - VCID-ss79-kcpu-mqd5

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-ss79-kcpu-mqd5

Essentials
Severities (13)
References (12)
Severity details (1)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-ss79-kcpu-mqd5
Aliases	CVE-2008-0005
Summary	A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.
Status	Published
Exploitability	0.5
Weighted Severity	2.1
Risk	1.1
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

System	Score	Found at
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
epss	0.0265	https://api.first.org/data/v1/epss?cve=CVE-2008-0005
apache_httpd	low	https://httpd.apache.org/security/json/CVE-2008-0005.json

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json
		https://api.first.org/data/v1/epss?cve=CVE-2008-0005
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
427739		https://bugzilla.redhat.com/show_bug.cgi?id=427739
CVE-2008-0005		https://httpd.apache.org/security/json/CVE-2008-0005.json
GLSA-200803-19		https://security.gentoo.org/glsa/200803-19
RHSA-2008:0004		https://access.redhat.com/errata/RHSA-2008:0004
RHSA-2008:0005		https://access.redhat.com/errata/RHSA-2008:0005
RHSA-2008:0006		https://access.redhat.com/errata/RHSA-2008:0006
RHSA-2008:0007		https://access.redhat.com/errata/RHSA-2008:0007
RHSA-2008:0008		https://access.redhat.com/errata/RHSA-2008:0008
USN-575-1		https://usn.ubuntu.com/575-1/

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.85683
EPSS Score	0.0265
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:36:15.146363+00:00	Apache HTTPD Importer	Import	https://httpd.apache.org/security/json/CVE-2008-0005.json	38.0.0