Описание
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| awstats | fixed | 7.8-3 | package | |
| awstats | fixed | 7.8-2+deb11u1 | bullseye | package |
Примечания
https://github.com/eldy/AWStats/pull/226
Fixed by: https://github.com/eldy/AWStats/commit/38682330e1ec3f3af95f9436640358b2d9e4a965
EPSS
Процентиль: 57%
0.00349
Низкий
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 3 лет назад
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.
CVSS3: 6.1
nvd
около 3 лет назад
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.
CVSS3: 6.1
github
около 3 лет назад
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.
EPSS
Процентиль: 57%
0.00349
Низкий