Description
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by TAKAGI Hiromitsu · textremotecgi
https://www.exploit-db.com/exploits/21023
References (5)
Core 5
Core References
Patch x_refsource_confirm
http://cgiwrap.sourceforge.net/changes.html
Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/1909
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6886
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3084
Scores
EPSS
0.0955
EPSS Percentile
92.9%
Details
Status
published
Products (1)
nathan_neulinger/cgiwrap
< 3.7
Published
Jul 22, 2001
Tracked Since
Feb 18, 2026