EUVD-2022-49200

Malicious code in bioql PyPI...

Fedora 37 : awstats (2023-b645c7feda)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b645c7feda advisory. Security fix for CVE-2022-46391 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

USN-5899-1 awstats vulnerability

It was discovered that AWStats did not properly sanitize the content of whois responses in the hostinfo plugin. An attacker could possibly use this issue to conduct cross-site scripting XSS attacks...

Cross-site Scripting (XSS)

awstats is vulnerable to cross-site scripting. The vulnerability exists in the hostinfo plugin due to printing a response from Net::XWhois without proper validation checks...

Updated awstats packages fix security vulnerability

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. CVE-2022-46391...

MGASA-2022-0461 Updated awstats packages fix security vulnerability

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. CVE-2022-46391...

DEBIAN-CVE-2022-46391

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

ALPINE-CVE-2022-46391

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

Cross site scripting

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

CVE-2022-46391

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

UBUNTU-CVE-2022-46391

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

AWStats 跨站脚本漏洞

AWStats is eldy personal developer of a log analysis tool applied to Web sites. The software supports the analysis of IIS 5.0 +, Apache and other operating systems on the Web, WAP, proxy, streaming servers, FTP, mail server log files, displaying all Web statistics, including: visitors, pages,...

PT-2022-27848 · Awstats +4 · Awstats +4

Name of the Vulnerable Software and Affected Versions: AWStats versions 7.x through 7.8 Description: The issue allows for XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. Recommendations: For versions 7.x through 7.8, consider disabling the hostinfo...

CVE-2022-46391

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

CVE-2022-46391

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

CVE-2022-46391

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

CVE-2022-46391

AWStats 7.x–7.8 is vulnerable to XSS in the hostinfo plugin due to improper handling of Net::XWhois output. The CVE-2022-46391 issue is acknowledged across multiple feeds; advisories note a security fix is available in various distributions (e.g., Debian 10 with 7.6+dfsg-2+deb10u2, Fedora 37/36 u...