Amazon Linux 1 Security Advisory: ALAS-2015-629
Advisory Release Date: 2015-12-14 10:00 Pacific
Advisory Updated Date: 2015-12-13 14:25 Pacific
Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment.
Affected Packages:
perl-HTML-Scrubber
Issue Correction:
Run yum update perl-HTML-Scrubber to update your system.
noarch:
perl-HTML-Scrubber-0.15-1.5.amzn1.noarch
src:
perl-HTML-Scrubber-0.15-1.5.amzn1.src