CVE-2011-1841 [Medium] | XSS in Mojolicious

CVE-2011-1841 is rated Low Risk (37.8/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 0.25%). Monitor for updates and reassess as exploit intelligence or EPSS changes.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2023-03-07	1.21%	0.25%	-0.96%
2	2022-02-04	—	1.21%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2023-03-07

1.21%

0.25%

-0.96%

2022-02-04

—

1.21%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
4.3	2.0	MEDIUM	`AV:N/AC:M/Au:N/C:N/I:P/A:N` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:M) Exploitation needs some favorable conditions, but not exceptional ones. Authentication (AU:N) No authentication is required. Confidentiality impact (C:N) No confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:N) No availability impact.	8.6	2.9	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

4.3

2.0

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:M): Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:N): No confidentiality impact.
Integrity impact (I:P): Partial integrity impact.
Availability impact (A:N): No availability impact.

8.6

2.9

[email protected]

OS Trackers for CVE-2011-1841

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2011-1841 not yet assigned priority: Debian including 1 source packages (libmojolicious-perl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2011-1841
`ubuntu`	medium	CVE-2011-1841 medium priority: Ubuntu including 1 source packages (libmojolicious-perl), 9 status rows across 9 suites (dapper, hardy, lucid, maverick, natty, oneiric, precise, quantal, upstream): DNE 4, not-affected 3, ignored 1, released 1.	https://ubuntu.com/security/CVE-2011-1841

Affected software / configurations for CVE-2011-1841

Vendor	Product	Version	Raw CPE
mojolicious	mojolicious	<= 1.11	cpe:2.3:a:mojolicious:mojolicious::::::::
mojolicious	mojolicious	0.2	cpe:2.3:a:mojolicious:mojolicious:0.2:::::::*
mojolicious	mojolicious	0.3	cpe:2.3:a:mojolicious:mojolicious:0.3:::::::*
mojolicious	mojolicious	0.4	cpe:2.3:a:mojolicious:mojolicious:0.4:::::::*
mojolicious	mojolicious	0.5	cpe:2.3:a:mojolicious:mojolicious:0.5:::::::*
mojolicious	mojolicious	0.6	cpe:2.3:a:mojolicious:mojolicious:0.6:::::::*
mojolicious	mojolicious	0.7	cpe:2.3:a:mojolicious:mojolicious:0.7:::::::*
mojolicious	mojolicious	0.8	cpe:2.3:a:mojolicious:mojolicious:0.8:::::::*
mojolicious	mojolicious	0.8.1	cpe:2.3:a:mojolicious:mojolicious:0.8.1:::::::*
mojolicious	mojolicious	0.8.2	cpe:2.3:a:mojolicious:mojolicious:0.8.2:::::::*
mojolicious	mojolicious	0.8.3	cpe:2.3:a:mojolicious:mojolicious:0.8.3:::::::*
mojolicious	mojolicious	0.8.4	cpe:2.3:a:mojolicious:mojolicious:0.8.4:::::::*
mojolicious	mojolicious	0.8.5	cpe:2.3:a:mojolicious:mojolicious:0.8.5:::::::*
mojolicious	mojolicious	0.9	cpe:2.3:a:mojolicious:mojolicious:0.9:::::::*
mojolicious	mojolicious	0.8006	cpe:2.3:a:mojolicious:mojolicious:0.8006:::::::*
mojolicious	mojolicious	0.8007	cpe:2.3:a:mojolicious:mojolicious:0.8007:::::::*
mojolicious	mojolicious	0.8008	cpe:2.3:a:mojolicious:mojolicious:0.8008:::::::*
mojolicious	mojolicious	0.8009	cpe:2.3:a:mojolicious:mojolicious:0.8009:::::::*
mojolicious	mojolicious	0.9001	cpe:2.3:a:mojolicious:mojolicious:0.9001:::::::*
mojolicious	mojolicious	0.9002	cpe:2.3:a:mojolicious:mojolicious:0.9002:::::::*
mojolicious	mojolicious	0.991231	cpe:2.3:a:mojolicious:mojolicious:0.991231:::::::*
mojolicious	mojolicious	0.991232	cpe:2.3:a:mojolicious:mojolicious:0.991232:::::::*
mojolicious	mojolicious	0.991233	cpe:2.3:a:mojolicious:mojolicious:0.991233:::::::*
mojolicious	mojolicious	0.991234	cpe:2.3:a:mojolicious:mojolicious:0.991234:::::::*
mojolicious	mojolicious	0.991235	cpe:2.3:a:mojolicious:mojolicious:0.991235:::::::*
mojolicious	mojolicious	0.991236	cpe:2.3:a:mojolicious:mojolicious:0.991236:::::::*
mojolicious	mojolicious	0.991237	cpe:2.3:a:mojolicious:mojolicious:0.991237:::::::*
mojolicious	mojolicious	0.991238	cpe:2.3:a:mojolicious:mojolicious:0.991238:::::::*
mojolicious	mojolicious	0.991239	cpe:2.3:a:mojolicious:mojolicious:0.991239:::::::*
mojolicious	mojolicious	0.991240	cpe:2.3:a:mojolicious:mojolicious:0.991240:::::::*
mojolicious	mojolicious	0.991241	cpe:2.3:a:mojolicious:mojolicious:0.991241:::::::*
mojolicious	mojolicious	0.991242	cpe:2.3:a:mojolicious:mojolicious:0.991242:::::::*
mojolicious	mojolicious	0.991243	cpe:2.3:a:mojolicious:mojolicious:0.991243:::::::*
mojolicious	mojolicious	0.991244	cpe:2.3:a:mojolicious:mojolicious:0.991244:::::::*
mojolicious	mojolicious	0.991245	cpe:2.3:a:mojolicious:mojolicious:0.991245:::::::*
mojolicious	mojolicious	0.991246	cpe:2.3:a:mojolicious:mojolicious:0.991246:::::::*
mojolicious	mojolicious	0.991250	cpe:2.3:a:mojolicious:mojolicious:0.991250:::::::*
mojolicious	mojolicious	0.991251	cpe:2.3:a:mojolicious:mojolicious:0.991251:::::::*
mojolicious	mojolicious	0.999901	cpe:2.3:a:mojolicious:mojolicious:0.999901:::::::*
mojolicious	mojolicious	0.999902	cpe:2.3:a:mojolicious:mojolicious:0.999902:::::::*
mojolicious	mojolicious	0.999903	cpe:2.3:a:mojolicious:mojolicious:0.999903:::::::*
mojolicious	mojolicious	0.999904	cpe:2.3:a:mojolicious:mojolicious:0.999904:::::::*
mojolicious	mojolicious	0.999905	cpe:2.3:a:mojolicious:mojolicious:0.999905:::::::*
mojolicious	mojolicious	0.999906	cpe:2.3:a:mojolicious:mojolicious:0.999906:::::::*
mojolicious	mojolicious	0.999907	cpe:2.3:a:mojolicious:mojolicious:0.999907:::::::*
mojolicious	mojolicious	0.999908	cpe:2.3:a:mojolicious:mojolicious:0.999908:::::::*
mojolicious	mojolicious	0.999909	cpe:2.3:a:mojolicious:mojolicious:0.999909:::::::*
mojolicious	mojolicious	0.999910	cpe:2.3:a:mojolicious:mojolicious:0.999910:::::::*
mojolicious	mojolicious	0.999911	cpe:2.3:a:mojolicious:mojolicious:0.999911:::::::*
mojolicious	mojolicious	0.999912	cpe:2.3:a:mojolicious:mojolicious:0.999912:::::::*
mojolicious	mojolicious	0.999913	cpe:2.3:a:mojolicious:mojolicious:0.999913:::::::*
mojolicious	mojolicious	0.999914	cpe:2.3:a:mojolicious:mojolicious:0.999914:::::::*
mojolicious	mojolicious	0.999920	cpe:2.3:a:mojolicious:mojolicious:0.999920:::::::*
mojolicious	mojolicious	0.999921	cpe:2.3:a:mojolicious:mojolicious:0.999921:::::::*
mojolicious	mojolicious	0.999922	cpe:2.3:a:mojolicious:mojolicious:0.999922:::::::*
mojolicious	mojolicious	0.999923	cpe:2.3:a:mojolicious:mojolicious:0.999923:::::::*
mojolicious	mojolicious	0.999924	cpe:2.3:a:mojolicious:mojolicious:0.999924:::::::*
mojolicious	mojolicious	0.999925	cpe:2.3:a:mojolicious:mojolicious:0.999925:::::::*
mojolicious	mojolicious	0.999926	cpe:2.3:a:mojolicious:mojolicious:0.999926:::::::*
mojolicious	mojolicious	0.999927	cpe:2.3:a:mojolicious:mojolicious:0.999927:::::::*
mojolicious	mojolicious	0.999928	cpe:2.3:a:mojolicious:mojolicious:0.999928:::::::*
mojolicious	mojolicious	0.999929	cpe:2.3:a:mojolicious:mojolicious:0.999929:::::::*
mojolicious	mojolicious	0.999930	cpe:2.3:a:mojolicious:mojolicious:0.999930:::::::*
mojolicious	mojolicious	0.999931	cpe:2.3:a:mojolicious:mojolicious:0.999931:::::::*
mojolicious	mojolicious	0.999932	cpe:2.3:a:mojolicious:mojolicious:0.999932:::::::*
mojolicious	mojolicious	0.999933	cpe:2.3:a:mojolicious:mojolicious:0.999933:::::::*
mojolicious	mojolicious	0.999934	cpe:2.3:a:mojolicious:mojolicious:0.999934:::::::*
mojolicious	mojolicious	0.999935	cpe:2.3:a:mojolicious:mojolicious:0.999935:::::::*
mojolicious	mojolicious	0.999936	cpe:2.3:a:mojolicious:mojolicious:0.999936:::::::*
mojolicious	mojolicious	0.999937	cpe:2.3:a:mojolicious:mojolicious:0.999937:::::::*
mojolicious	mojolicious	0.999938	cpe:2.3:a:mojolicious:mojolicious:0.999938:::::::*
mojolicious	mojolicious	0.999939	cpe:2.3:a:mojolicious:mojolicious:0.999939:::::::*
mojolicious	mojolicious	0.999940	cpe:2.3:a:mojolicious:mojolicious:0.999940:::::::*
mojolicious	mojolicious	0.999941	cpe:2.3:a:mojolicious:mojolicious:0.999941:::::::*
mojolicious	mojolicious	0.999950	cpe:2.3:a:mojolicious:mojolicious:0.999950:::::::*
mojolicious	mojolicious	1.0	cpe:2.3:a:mojolicious:mojolicious:1.0:::::::*
mojolicious	mojolicious	1.1	cpe:2.3:a:mojolicious:mojolicious:1.1:::::::*
mojolicious	mojolicious	1.01	cpe:2.3:a:mojolicious:mojolicious:1.01:::::::*

References for CVE-2011-1841

URL	Tags
http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.20/Changes
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060122.html
http://www.debian.org/security/2011/dsa-2239
http://www.securityfocus.com/bid/47713
https://exchange.xforce.ibmcloud.com/vulnerabilities/67257

URL

CVE-2011-1841

Exploit prediction scoring system (EPSS) score for CVE-2011-1841

Common vulnerability scoring system (CVSS) metrics for CVE-2011-1841

Weakness enumeration for CVE-2011-1841

OS Trackers for CVE-2011-1841

Affected software / configurations for CVE-2011-1841

References for CVE-2011-1841