A vulnerability in the way Apache handles malformed requests, specifically when it answers with an error code of 413 allows remote attackers to inject arbitrary HTML and/or JavaScript into the response received from the server.

http://www.securiteam.com/unixfocus/6H0040KKKU.html