The Apache servers prior to 2.0.43 insecurely include the value of the 'Host:' header field, received from a connected client, into the SSI error pages. This can be abused for remote cross-site scripting. Apache 1.3.x servers are not affected.
d50f05528a29fbb5a05af733fd529fd69f45701adeb8c86c64d8718b418adecd