Mandrake Linux Security Advisory : perl-CGI (MDKSA-2003:084)
Medium Nessus Plugin ID 14066
Synopsis: The remote Mandrake Linux host is missing a security update.
Description: Eye on Security found a cross-site scripting vulnerability in the start_form() function in CGI.pm. This vulnerability allows a remote attacker to place a web script in a URL which feeds into a form's action parameter and allows execution by the browser as if it was coming from the site.
Solution: Update the affected perl-CGI package.