Search for vulnerabilities
Vulnerability details: VCID-g2dz-n5yc-eua6
Vulnerability ID VCID-g2dz-n5yc-eua6
Aliases CVE-2007-6388
Summary A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.
Status Published
Exploitability 2.0
Weighted Severity 4.8
Risk 9.6
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
System Score Found at
epss 0.65396 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss 0.65396 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2007-6388
apache_httpd moderate https://httpd.apache.org/security/json/CVE-2007-6388.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json
https://api.first.org/data/v1/epss?cve=CVE-2007-6388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
427228 https://bugzilla.redhat.com/show_bug.cgi?id=427228
CVE-2007-6388 https://httpd.apache.org/security/json/CVE-2007-6388.json
RHSA-2008:0004 https://access.redhat.com/errata/RHSA-2008:0004
RHSA-2008:0005 https://access.redhat.com/errata/RHSA-2008:0005
RHSA-2008:0006 https://access.redhat.com/errata/RHSA-2008:0006
RHSA-2008:0007 https://access.redhat.com/errata/RHSA-2008:0007
RHSA-2008:0008 https://access.redhat.com/errata/RHSA-2008:0008
RHSA-2008:0263 https://access.redhat.com/errata/RHSA-2008:0263
RHSA-2008:0523 https://access.redhat.com/errata/RHSA-2008:0523
USN-575-1 https://usn.ubuntu.com/575-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.98419
EPSS Score 0.65396
Published At Aug. 2, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:47.434949+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2007-6388.json 37.0.0