Cgiirc: Security Vulnerabilities
irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-06-06
Cross-site scripting (XSS) vulnerability in the nonjs interface (interfaces/nonjs.pm) in CGI:IRC before 0.5.10 allows remote attackers to inject arbitrary web script or HTML via the R parameter.
CVSS Score
4.3
EPSS Score
0.004
Published
2011-02-19
Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 might allow remote attackers to execute arbitrary code via (1) cookies or (2) the query string.
CVSS Score
7.5
EPSS Score
0.061
Published
2006-05-02