CGIWrap Cross-Site Scripting Vulnerability

CGIWrap is a free, open-source program for running CGI securely.

CGIWrap does not filter embedded scripting commands from user-supplied input. A web user may submit a malicious link into any form which displays user-supplied input, such as guestbooks, forums, etc. Users clicking on the link will have the malicious scripting commands executed in their browser.


Privacy Statement
Copyright 2010, SecurityFocus