Secunia - Advisories - Apache "Expect" Header Cross-Site Scripting Vulnerability

セキュリティ
Expect:ヘッダを使ったものがサニタイズされずにユーザーに返るそうです。

Input passed to the "Expect:" header is not properly sanitised before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.

古いバージョンにのみ影響有りか・・・

Update to version 1.3.35, 2.0.58, 2.2.2, or later.