The Data::FormValidator module 4.66 and previous versions for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote malicious users to bypass the taint protection mechanism via form input.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mark_stosberg data\\ \\ |