Le 22/07/2003 18:57, Lincoln Stein a écrit :
But this was fixed long ago in version 2.94. We're at version 2.98 now. The
most up-to-date copy is always in CPAN.
Please find attached the patch against CGI.pm version 2.98.
--
Erwann Corvellec
--- CGI.pm.ori 2003-06-18 21:57:21.0 +0200
+
ld you include it in an urgent security release please ?
>
> Le 21/07/2003 00:06, obscure a écrit :
> > Advisory Title: CGI.pm vulnerable to Cross-site Scripting.
> > Release Date: July 19 2003
> >
> > Application: CGI.pm - which is by default included in many common
Please find attached a more thorough patch against version 2.93 of CGI.pm
Lincoln, could you include it in an urgent security release please ?
Le 21/07/2003 00:06, obscure a écrit :
Advisory Title: CGI.pm vulnerable to Cross-site Scripting.
Release Date: July 19 2003
Application: CGI.pm
Advisory Title: CGI.pm vulnerable to Cross-site Scripting.
Release Date: July 19 2003
Application: CGI.pm - which is by default included in many common Perl
distributions.
Platform: Most platforms. Tested on Apache and IIS.
Version: CGI.pm
Severity: Effects scripts which make use of
