Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. NOTE: this might be the same core issue as CVE-2005-2732.
References 4 Total
- secunia.com: 20496 third-party-advisory
- http://pridels0.blogspot.com/2006/04/awstats-65-vuln.html
- securityfocus.com: 17621 vdb-entry
- security.gentoo.org: GLSA-200606-06 vendor-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- secunia.com: 20496 third-party-advisoryx_transferred
- http://pridels0.blogspot.com/2006/04/awstats-65-vuln.html x_transferred
- securityfocus.com: 17621 vdb-entryx_transferred
- security.gentoo.org: GLSA-200606-06 vendor-advisoryx_transferred