Session::Cookie in the HTML::EP module 0.2011 for Perl does not properly use the Storable::thaw function, which allows remote malicious users to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jochen wiedmann html\\ \\ |