{ "modified": "2025-08-09T19:01:29Z", "published": "2003-08-27T04:00:00Z", "id": "CVE-2003-0615", "details": "Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.", "references": [ { "type": "ADVISORY", "url": "http://secunia.com/advisories/13638" }, { "type": "ADVISORY", "url": "http://www.debian.org/security/2003/dsa-371" }, { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/8231" }, { "type": "ADVISORY", "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:084" }, { "type": "FIX", "url": "http://www.securityfocus.com/bid/8231" }, { "type": "WEB", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000713" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=105880349328877\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=106018783704468\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=full-disclosure\u0026m=105875211018698\u0026w=2" }, { "type": "WEB", "url": "http://securitytracker.com/id?1007234" }, { "type": "WEB", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1" }, { "type": "WEB", "url": "http://www.ciac.org/ciac/bulletins/n-155.shtml" }, { "type": "WEB", "url": "http://www.kb.cert.org/vuls/id/246409" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2003-256.html" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12669" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A307" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A470" } ] }