Otherwise I agree with the poster. ALTHOUGH I dont have much of commercial experience deploying CGI.pm based apps and bearing the responsibility for security etc.
It was this false assumption that we're all using CGI.pm in ways that cause Perlmonks to run and hide their children (Matt's) that caused it's ejection from corelist and mutilation on CPAN. These days I usually use CGI::Simple::Standard anyway but CGI was exceptionally handy for writing portable (corelist) local administrative programs that don't endure the Internet. It's also capable of cranking out HTML under control of Perl to create things like dynamic templates and static resources in background processes run by cron that might hit a database once a minute or more to serve static resources rather than let live users make real requests that could range from 0 to Infinity per second...
From what I can see there are still 3 modules on the corelist that generate HTML (and a lot more) but only from POD! With templates written in POD the Pod modules can crank out everything from HTML, XHTML, XML, RTF, man, etc. Hopefully they're SECURE! :-)