First published: Thu Apr 20 2006(Updated: )
Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. NOTE: this might be the same core issue as CVE-2005-2732.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Awstats Awstats | =6.3 | |
Awstats Awstats | =6.5 | |
Awstats Awstats | =6.1 | |
Awstats Awstats | =6.2 | |
Awstats Awstats | =6.0 | |
Awstats Awstats | <=6.5_1.857 | |
Awstats Awstats | =6.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.