Security Advisories (3)

CVE-2018-14041 (2018-07-13)

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.

CVE-2018-14042 (2018-07-13)

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

CVE-2018-14040 (2018-07-13)

Prototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. JavaScript allows all Object attributes to be altered, including their magical attributes such as _proto_, constructor and prototype. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. Properties on the Object.prototype are then inherited by all the JavaScript objects through the prototype chain. When that happens, this leads to either denial of service by triggering JavaScript exceptions, or it tampers with the application source code to force the code path that the attacker injects, thereby leading to remote code execution.

NAME

www_useperl_server_fastcgi.pl - Catalyst FastCGI

SYNOPSIS

www_useperl_server_fastcgi.pl [options]

Options:
  -? -help      display this help and exits
  -l --listen   Socket path to listen on
                (defaults to standard input)
                can be HOST:PORT, :PORT or a
                filesystem path
  -n --nproc    specify number of processes to keep
                to serve requests (defaults to 1,
                requires -listen)
  -p --pidfile  specify filename for pid file
                (requires -listen)
  -d --daemon   daemonize (requires -listen)
  -M --manager  specify alternate process manager
                (FCGI::ProcManager sub-class)
                or empty string to disable
  -e --keeperr  send error messages to STDOUT, not
                to the webserver
  --proc_title  Set the process title (is possible)

DESCRIPTION

Run a Catalyst application as fastcgi.

AUTHORS

Catalyst Contributors, see Catalyst.pm

COPYRIGHT

This library is free software. You can redistribute it and/or modify it under the same terms as Perl itself.

To install WWW::UsePerl::Server, copy and paste the appropriate command in to your terminal.

cpanm

cpanm WWW::UsePerl::Server

CPAN shell

perl -MCPAN -e shell
install WWW::UsePerl::Server

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

SYNOPSIS

DESCRIPTION

AUTHORS

COPYRIGHT

Module Install Instructions