A cross-site scripting (XSS) vulnerability has been discovered in the Apache httpd server's mod_imap module which allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.�́A�N���X�T�C�g�X�N���v�e�B���O�i XSS �j�̐Ǝ㐫���������ꂽ�̂́A Apache��httpd�T�[�o�[��mod_imap���W���[���Ƀ����[�g�ɂ��U���𒍓�邱��ɂ��A�C�ӂ�Web�X�N���v�g��HTML���o�R����referer�̃C���[�W�}�b�v���g�p���Ă��܂��B

Input passed to the image map "Referer" directive in "mod_imap" isn't properly sanitised before being returned to the user.��͓n���ꂽ�C���[�W�}�b�v" referer��"�f�B���N�e�B�u��" mod_imap "��������sanitised�O�ɂ��āA���[�U�[���Ԃ���܂��B This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.����́A�C�ӂ�HTML��X�N���v�g�����s���鈫�p�R�[�h�����[�U�[�̃u���E�U�̃Z�b�V�����ł̃R���e�L�X�g�̉e�����󂯂�T�C�g�ł��B

The vulnerability has been reported in versions 1.3.0 through 1.3.34, and versions 2.0.35 through 2.0.55.���̐Ǝ㐫���񍐂���Ẵo�[�W����1.3.0����1.3.34 �A����уo�[�W����2.0.35����2.0.55 �B

The vulnerability has been fixed in version 1.3.35-dev, and 2.0.56-dev.���̐Ǝ㐫���C������A�o�[�W����1.3.35 - dev���A�����2.0.56 - dev���ł��B

Link�����N

It affects pretty much all platforms as far as I could check.���Ȃ�e�����y�ڂ����ׂẴv���b�g�t�H�[���Ƃ��Ă���܂Ŏ����m�F���Ă��������B