PT-2009-4079 · Cgi Rescue · Cgi Rescue Web Mailer

Published

2009-05-08

Updated

2009-05-23

CVE-2009-1591

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: CGI RESCUE Web Mailer versions prior to 1.04

Description: The issue allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) or HTTP response splitting attacks via CRLF sequences in a web form.

Recommendations: For versions prior to 1.04, update to version 1.04 or later to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2009-1591

Affected Products

Cgi Rescue Web Mailer

PT-2009-4079 · Cgi Rescue · Cgi Rescue Web Mailer

CVE-2009-1591

Weakness Enumeration

Related Identifiers

Affected Products

References · 6