Andy Armstrong : Security Vulnerabilities, CVEs, CVSS score >= 5
CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm.
Max CVSS
5.0
EPSS Score
0.79%
Published
2012-11-21
Updated
2017-08-29
1 vulnerabilities found