CVE-2003-0615

Severity

43%

Complexity

86%

Confidentiality

48%

Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.

Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Overview

Type

OpenPKG

First reported 21 years ago

2003-08-27 04:00:00

Last updated 6 years ago

2018-05-03 01:29:00

Affected Software

OpenPKG 1.2

1.2

OpenPKG 1.3

1.3

References

CLA-2003:713

20030720 CGI.pm vulnerable to Cross-site Scripting

20030806 [OpenPKG-SA-2003.036] OpenPKG Security Advisory (perl-www)

20030720 CGI.pm vulnerable to Cross-site Scripting.

13638

1007234

101426

N-155

DSA-371

VU#246409

US Government Resource

RHSA-2003:256

8231

Patch, Vendor Advisory

MDKSA-2003:084

cgi-startform-xss(12669)

oval:org.mitre.oval:def:307

oval:org.mitre.oval:def:470

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.