Http-body Project » Http-body : Security Vulnerabilities, CVEs, CVSS score >= 1
HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module for Perl uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may assume the suffix is well-formed.
Max CVSS
6.8
EPSS Score
0.61%
Published
2013-11-23
Updated
2014-04-01
1 vulnerabilities found