An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an ambiguity between modules and filenames that can lead to HTML injection by an attacker who can create a file in the current working directory.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-94 | |
Metrics |
cvssV3_1
|
Fri, 13 Dec 2024 06:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an ambiguity between modules and filenames that can lead to HTML injection by an attacker who can create a file in the current working directory. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-12-13T00:00:00
Updated: 2024-12-17T19:34:50.379Z
Reserved: 2024-12-13T00:00:00
Link: CVE-2024-55918
Vulnrichment
Updated: 2024-12-17T19:34:45.154Z
NVD
Status : Awaiting Analysis
Published: 2024-12-13T07:15:04.827
Modified: 2024-12-17T20:15:23.140
Link: CVE-2024-55918
Redhat
No data.