Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the forms action parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cgi.pm | Cgi.pm | 2.73 (including) | 2.73 (including) |
| Cgi.pm | Cgi.pm | 2.74 (including) | 2.74 (including) |
| Cgi.pm | Cgi.pm | 2.75 (including) | 2.75 (including) |
| Cgi.pm | Cgi.pm | 2.76 (including) | 2.76 (including) |
| Cgi.pm | Cgi.pm | 2.78 (including) | 2.78 (including) |
| Cgi.pm | Cgi.pm | 2.79 (including) | 2.79 (including) |
| Cgi.pm | Cgi.pm | 2.93 (including) | 2.93 (including) |
| Cgi.pm | Cgi.pm | 2.751 (including) | 2.751 (including) |
| Cgi.pm | Cgi.pm | 2.753 (including) | 2.753 (including) |
| Openpkg | Openpkg | 1.2 (including) | 1.2 (including) |
| Openpkg | Openpkg | 1.3 (including) | 1.3 (including) |
| Openpkg | Openpkg | current (including) | current (including) |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.2 | RedHat | * | |
| Red Hat Linux 7.3 | RedHat | * | |
| Red Hat Linux 8.0 | RedHat | * | |
| Red Hat Linux 9 | RedHat | * | |
| Red Hat Linux Advanced Workstation 2.1 | RedHat | * |