A vulnerability was found in Apache HTTP Server up to 2.4.67 and classified as problematic . Impacted is an unknown function of the component mod_proxy_ftp . The manipulation results in cross site scripting. This vulnerability was named CVE-2026-29170 . The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.