The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-24
Updated
2024-03-25
Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.25%
Published
2011-05-03
Updated
2017-08-17
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
Max CVSS
5.0
EPSS Score
1.18%
Published
2011-04-29
Updated
2017-08-17
Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.30%
Published
2011-05-03
Updated
2011-08-27
Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.42%
Published
2011-05-03
Updated
2011-08-27
Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.19%
Published
2011-05-03
Updated
2011-07-14
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!