HTML-Template-Pro 0.9503 Deleted
Security Advisories
CVE-2011-4616
Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of > (greater than) and < (less than) characters.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652587
- http://openwall.com/lists/oss-security/2011/12/19/1
- http://secunia.com/advisories/47184
- http://cpansearch.perl.org/src/VIY/HTML-Template-Pro-0.9507/Changes
- http://www.securityfocus.com/bid/51117
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089603.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089889.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089888.html
Fixed version: >=0.9507
Reported: 2012-01-06
Kwalitee Issues
- meta_yml_conforms_to_known_spec
-
Take a look at the META.yml Spec at https://metacpan.org/pod/CPAN::Meta::History::Meta_1_4 (for version 1.4) or https://metacpan.org/pod/CPAN::Meta::Spec (for version 2), and change your META.yml accordingly.
Error: License 'perl or LGPL2+' is invalid (license) [Validation: 1.4]
- no_pod_errors
-
Remove the POD errors. You can check for POD errors automatically by including Test::Pod to your test suite.
Error: HTML-Template-Pro-0.9503/lib/HTML/Template/PerlInterface.pod -- Around line 588: Expected text after =item, not a bullet
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: HTML::Template::Pro, HTML::Template::Pro::WrapAssociate
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- meta_yml_has_repository_resource
-
Add a 'repository' resource to the META.yml via 'meta_add' accessor (for Module::Build) or META_ADD parameter (for ExtUtils::MakeMaker).
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.