Candidate: CVE-2008-5080
PublicDate: 2008-12-03 18:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5080
 https://ubuntu.com/security/notices/USN-686-1
Description:
 awstats.pl in AWStats 6.8 and earlier does not properly remove quote
 characters, which allows remote attackers to conduct cross-site scripting
 (XSS) attacks via the query_string parameter.  NOTE: this issue exists
 because of an incomplete fix for CVE-2008-3714.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_awstats:
upstream_awstats: released (6.7.dfsg-5.1)
dapper_awstats: released (6.5-1ubuntu1.3)
gutsy_awstats: released (6.6+dfsg-1ubuntu0.1)
hardy_awstats: released (6.7.dfsg-1ubuntu0.1)
intrepid_awstats: released (6.7.dfsg-5ubuntu0.1)
devel_awstats: not-affected (6.7.dfsg-5.1)