AWStats 7.x up to and including 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
awstats awstats |
||
debian debian linux 10.0 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |