FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mod_perl -- cross-site scripting

Affected packages
mod_perl < 1.31
mod_perl2 < 2.05

Details

VuXML ID 4a638895-41b7-11de-b1cc-00219b0fc4d8
Discovery 2009-02-28
Entry 2009-05-16
Modified 2009-05-16

Secunia reports:

Certain input passed to the "Apache::Status" and "Apache2::Status" modules is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website.

References

CVE Name CVE-2009-0796
URL http://secunia.com/advisories/34597