CVE-2022-46391

描述

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.

受影響套件(3)

• Alpine/awstatsfrom 0, < 7.8-r3
• Debian/awstatsfrom 0, < 7.8-2+deb11u1
• Debian/awstatsfrom 0, < 7.6+dfsg-2+deb10u2

CVSS 分數

參考連結(2)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2022-46391
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2022-46391