PT-2011-1023 · Perl+1 · Libmojolicious-Perl+1

Published

2011-05-03

Updated

2017-08-17

CVE-2011-1841

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mojolicious versions prior to 1.12 libmojolicious-perl (affected versions not specified)

Description The issue concerns a cross-site scripting (XSS) vulnerability in the link to helper. This vulnerability allows remote attackers to inject arbitrary web script or HTML. Additionally, there are multiple vulnerabilities in the libmojolicious-perl package that can lead to breaches of confidentiality, integrity, and availability of protected information, and these can be exploited remotely.

Recommendations For Mojolicious versions prior to 1.12, update to version 1.12 or later to resolve the issue. For libmojolicious-perl, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-79

Related Identifiers

BDU:2015-01469

CVE-2011-1841

DSA-2239-1

Affected Products

Mojolicious

Libmojolicious-Perl

PT-2011-1023 · Perl+1 · Libmojolicious-Perl+1

CVE-2011-1841

Weakness Enumeration

Related Identifiers

Affected Products

References · 14