CVE-2008-3714

2008-08-1900:00:00

ubuntu.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.553 Medium

EPSS

Percentile

97.6%

JSON

Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8
allows remote attackers to inject arbitrary web script or HTML via the
query_string, a different vulnerability than CVE-2006-3681 and
CVE-2006-1945.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchawstats< 6.5-1ubuntu1.3UNKNOWN
ubuntu7.10noarchawstats< 6.6+dfsg-1ubuntu0.1UNKNOWN
ubuntu8.04noarchawstats< 6.7.dfsg-1ubuntu0.1UNKNOWN
ubuntu8.10noarchawstats< 6.7.dfsg-5ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	awstats	< 6.5-1ubuntu1.3	UNKNOWN
ubuntu	7.10	noarch	awstats	< 6.6+dfsg-1ubuntu0.1	UNKNOWN
ubuntu	8.04	noarch	awstats	< 6.7.dfsg-1ubuntu0.1	UNKNOWN
ubuntu	8.10	noarch	awstats	< 6.7.dfsg-5ubuntu0.1	UNKNOWN