CVE-2003-0615

Published: Aug 27, 2003Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.

Affected (23)

Products: Cgi.pm: Cgi.pm · Openpkg: Openpkg · Debian: Debian Linux

1 product

1 product

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Cgi.pm Cgi.pm	Version 2.73
Cgi.pm Cgi.pm	Version 2.74
Cgi.pm Cgi.pm	Version 2.751
Cgi.pm Cgi.pm	Version 2.753
Cgi.pm Cgi.pm	Version 2.75
Cgi.pm Cgi.pm	Version 2.76
Cgi.pm Cgi.pm	Version 2.78
Cgi.pm Cgi.pm	Version 2.79
Cgi.pm Cgi.pm	Version 2.93
Openpkg Openpkg	Version 1.2
Openpkg Openpkg	Version 1.3
Openpkg Openpkg	Version current

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0
Debian Debian Linux	Version 3.0

References (32)

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000713

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=105880349328877&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=106018783704468&w=2

Source: cve@mitre.org

http://marc.info/?l=full-disclosure&m=105875211018698&w=2

Source: cve@mitre.org

http://secunia.com/advisories/13638

Source: cve@mitre.org

http://securitytracker.com/id?1007234

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/n-155.shtml

Source: cve@mitre.org

http://www.debian.org/security/2003/dsa-371

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/246409

Source: cve@mitre.org

US Government Resource

http://www.redhat.com/support/errata/RHSA-2003-256.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/8231

Source: cve@mitre.org

PatchVendor Advisory

http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:084

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/12669

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A307

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A470

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000713

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=105880349328877&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=106018783704468&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=full-disclosure&m=105875211018698&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/13638

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1007234

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ciac.org/ciac/bulletins/n-155.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2003/dsa-371

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/246409

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.redhat.com/support/errata/RHSA-2003-256.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/8231

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:084

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/12669

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A307

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A470

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.