Strix
26.1K

CVE-2011-4616

UnknownEPSS 1.68%

Last modified

CVE-2011-4616 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of > (greater than) and < (less than) characters.. EPSS estimates a 1.68% chance of exploitation in the next 30 days.

Description

Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of > (greater than) and < (less than) characters.

Metrics

EPSS Probability
1.68%

74.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
Igor VlasenkoHtml-Template-Pro<= 0.9506
Igor VlasenkoHtml-Template-Pro0.01
Igor VlasenkoHtml-Template-Pro0.17
Igor VlasenkoHtml-Template-Pro0.26
Igor VlasenkoHtml-Template-Pro0.34
Igor VlasenkoHtml-Template-Pro0.35
Igor VlasenkoHtml-Template-Pro0.36
Igor VlasenkoHtml-Template-Pro0.37
Igor VlasenkoHtml-Template-Pro0.38
Igor VlasenkoHtml-Template-Pro0.40
Igor VlasenkoHtml-Template-Pro0.41
Igor VlasenkoHtml-Template-Pro0.42
Igor VlasenkoHtml-Template-Pro0.43
Igor VlasenkoHtml-Template-Pro0.44
Igor VlasenkoHtml-Template-Pro0.45
Igor VlasenkoHtml-Template-Pro0.47
Igor VlasenkoHtml-Template-Pro0.48
Igor VlasenkoHtml-Template-Pro0.50
Igor VlasenkoHtml-Template-Pro0.51
Igor VlasenkoHtml-Template-Pro0.52
Igor VlasenkoHtml-Template-Pro0.53
Igor VlasenkoHtml-Template-Pro0.54
Igor VlasenkoHtml-Template-Pro0.55
Igor VlasenkoHtml-Template-Pro0.56
Igor VlasenkoHtml-Template-Pro0.57
Igor VlasenkoHtml-Template-Pro0.58
Igor VlasenkoHtml-Template-Pro0.59
Igor VlasenkoHtml-Template-Pro0.61
Igor VlasenkoHtml-Template-Pro0.62
Igor VlasenkoHtml-Template-Pro0.63
Igor VlasenkoHtml-Template-Pro0.64
Igor VlasenkoHtml-Template-Pro0.65
Igor VlasenkoHtml-Template-Pro0.66
Igor VlasenkoHtml-Template-Pro0.67
Igor VlasenkoHtml-Template-Pro0.68
Igor VlasenkoHtml-Template-Pro0.69
Igor VlasenkoHtml-Template-Pro0.70
Igor VlasenkoHtml-Template-Pro0.71
Igor VlasenkoHtml-Template-Pro0.72
Igor VlasenkoHtml-Template-Pro0.73
Igor VlasenkoHtml-Template-Pro0.74
Igor VlasenkoHtml-Template-Pro0.75
Igor VlasenkoHtml-Template-Pro0.76
Igor VlasenkoHtml-Template-Pro0.77
Igor VlasenkoHtml-Template-Pro0.80
Igor VlasenkoHtml-Template-Pro0.81
Igor VlasenkoHtml-Template-Pro0.82
Igor VlasenkoHtml-Template-Pro0.83
Igor VlasenkoHtml-Template-Pro0.84
Igor VlasenkoHtml-Template-Pro0.85

Showing 50 of 62 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2011-4616?
Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of > (greater than) and < (less than) characters.
How severe is CVE-2011-4616?
Severity scoring for CVE-2011-4616 is pending analysis. The EPSS model estimates a 1.68% probability of exploitation in the next 30 days.
How do I fix CVE-2011-4616?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-4616?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST