VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2011-1841
mojolicious: Cross-site scripting (XSS) vulnerability in the lin...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1841

Original

Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2011-05-03
Source Information Category:
Advisory, Alert
Last Updated:
2011-05-03




Affected Product Tags
cpe:/a:mojolicious:mojolicious:0.2
cpe:/a:mojolicious:mojolicious:0.3
cpe:/a:mojolicious:mojolicious:0.4
cpe:/a:mojolicious:mojolicious:0.5
cpe:/a:mojolicious:mojolicious:0.6
cpe:/a:mojolicious:mojolicious:0.7
cpe:/a:mojolicious:mojolicious:0.8
cpe:/a:mojolicious:mojolicious:0.8.1
cpe:/a:mojolicious:mojolicious:0.8.2
cpe:/a:mojolicious:mojolicious:0.8.3
cpe:/a:mojolicious:mojolicious:0.8.4
cpe:/a:mojolicious:mojolicious:0.8.5
cpe:/a:mojolicious:mojolicious:0.8006
cpe:/a:mojolicious:mojolicious:0.8007
cpe:/a:mojolicious:mojolicious:0.8008
cpe:/a:mojolicious:mojolicious:0.8009
cpe:/a:mojolicious:mojolicious:0.9
cpe:/a:mojolicious:mojolicious:0.9001
cpe:/a:mojolicious:mojolicious:0.9002
cpe:/a:mojolicious:mojolicious:0.991231
cpe:/a:mojolicious:mojolicious:0.991232
cpe:/a:mojolicious:mojolicious:0.991233
cpe:/a:mojolicious:mojolicious:0.991234
cpe:/a:mojolicious:mojolicious:0.991235
cpe:/a:mojolicious:mojolicious:0.991236
cpe:/a:mojolicious:mojolicious:0.991237
cpe:/a:mojolicious:mojolicious:0.991238
cpe:/a:mojolicious:mojolicious:0.991239
cpe:/a:mojolicious:mojolicious:0.991240
cpe:/a:mojolicious:mojolicious:0.991241
cpe:/a:mojolicious:mojolicious:0.991242
cpe:/a:mojolicious:mojolicious:0.991243
cpe:/a:mojolicious:mojolicious:0.991244
cpe:/a:mojolicious:mojolicious:0.991245
cpe:/a:mojolicious:mojolicious:0.991246
cpe:/a:mojolicious:mojolicious:0.991250
cpe:/a:mojolicious:mojolicious:0.991251
cpe:/a:mojolicious:mojolicious:0.999901
cpe:/a:mojolicious:mojolicious:0.999902
cpe:/a:mojolicious:mojolicious:0.999903
cpe:/a:mojolicious:mojolicious:0.999904
cpe:/a:mojolicious:mojolicious:0.999905
cpe:/a:mojolicious:mojolicious:0.999906
cpe:/a:mojolicious:mojolicious:0.999907
cpe:/a:mojolicious:mojolicious:0.999908
cpe:/a:mojolicious:mojolicious:0.999909
cpe:/a:mojolicious:mojolicious:0.999910
cpe:/a:mojolicious:mojolicious:0.999911
cpe:/a:mojolicious:mojolicious:0.999912
cpe:/a:mojolicious:mojolicious:0.999913
cpe:/a:mojolicious:mojolicious:0.999914
cpe:/a:mojolicious:mojolicious:0.999920
cpe:/a:mojolicious:mojolicious:0.999921
cpe:/a:mojolicious:mojolicious:0.999922
cpe:/a:mojolicious:mojolicious:0.999923
cpe:/a:mojolicious:mojolicious:0.999924
cpe:/a:mojolicious:mojolicious:0.999925
cpe:/a:mojolicious:mojolicious:0.999926
cpe:/a:mojolicious:mojolicious:0.999927
cpe:/a:mojolicious:mojolicious:0.999928
cpe:/a:mojolicious:mojolicious:0.999929
cpe:/a:mojolicious:mojolicious:0.999930
cpe:/a:mojolicious:mojolicious:0.999931
cpe:/a:mojolicious:mojolicious:0.999932
cpe:/a:mojolicious:mojolicious:0.999933
cpe:/a:mojolicious:mojolicious:0.999934
cpe:/a:mojolicious:mojolicious:0.999935
cpe:/a:mojolicious:mojolicious:0.999936
cpe:/a:mojolicious:mojolicious:0.999937
cpe:/a:mojolicious:mojolicious:0.999938
cpe:/a:mojolicious:mojolicious:0.999939
cpe:/a:mojolicious:mojolicious:0.999940
cpe:/a:mojolicious:mojolicious:0.999941
cpe:/a:mojolicious:mojolicious:0.999950
cpe:/a:mojolicious:mojolicious:1.0
cpe:/a:mojolicious:mojolicious:1.01
cpe:/a:mojolicious:mojolicious:1.1
cpe:/a:mojolicious:mojolicious:1.11 and previous versions
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
X Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
Alternatives




References
CONFIRM http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.20/Changes




Vulnerability Type Cross-Site Scripting (XSS) (CWE-79)




Copyright © 2011 JPCERT/CC All Rights Reserved.