CVE-2011-2201

2011-09-14T16:05:00
ID CVE-2011-2201
Type cve
Reporter cve@mitre.org
Modified 2011-09-14T16:05:00

Description

The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.