Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2012-3499

Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap (2) mod_info (3) mod_ldap (4) mod_proxy_ftp and (5) mod_status modules.