VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Aug 27, 2003· Updated Apr 16, 2026

CVE-2003-0615

CVE-2003-0615

Description

Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.

Affected products

23
  • Cgi.pm/Cgi.pm9 versions
    cpe:2.3:a:cgi.pm:cgi.pm:2.73:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:cgi.pm:cgi.pm:2.73:*:*:*:*:*:*:*
    • cpe:2.3:a:cgi.pm:cgi.pm:2.74:*:*:*:*:*:*:*
    • cpe:2.3:a:cgi.pm:cgi.pm:2.75:*:*:*:*:*:*:*
    • cpe:2.3:a:cgi.pm:cgi.pm:2.751:*:*:*:*:*:*:*
    • cpe:2.3:a:cgi.pm:cgi.pm:2.753:*:*:*:*:*:*:*
    • cpe:2.3:a:cgi.pm:cgi.pm:2.76:*:*:*:*:*:*:*
    • cpe:2.3:a:cgi.pm:cgi.pm:2.78:*:*:*:*:*:*:*
    • cpe:2.3:a:cgi.pm:cgi.pm:2.79:*:*:*:*:*:*:*
    • cpe:2.3:a:cgi.pm:cgi.pm:2.93:*:*:*:*:*:*:*
  • OpenPKG/Openpkg3 versions
    cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • Debian/Debian Linux11 versions
    cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*+ 10 more
    • cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

16

News mentions

0

No linked articles in our index yet.