Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in AWStats Totals 1.0 through 1.14 allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameter.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Telartis Bv | Awstats Totals | 1.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31630Vendor Advisory
- http://securityreason.com/securityalert/4218
- http://userwww.service.emory.edu/~ekenda2/EMORY-2008-01.txt
- http://www.securityfocus.com/archive/1/495770/100/0/threaded
- http://www.telartis.nl/xcms/awstats/Patch
- http://www.vupen.com/english/advisories/2008/2442
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44706
- http://secunia.com/advisories/31630Vendor Advisory
- http://securityreason.com/securityalert/4218
- http://userwww.service.emory.edu/~ekenda2/EMORY-2008-01.txt
- http://www.securityfocus.com/archive/1/495770/100/0/threaded
- http://www.telartis.nl/xcms/awstats/Patch
- http://www.vupen.com/english/advisories/2008/2442
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44706
FAQ
What is CVE-2008-3921?
CVE-2008-3921 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in AWStats Totals 1.0 through 1.14 allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameter.
How severe is CVE-2008-3921?
CVE-2008-3921 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3921?
Check the references section above for vendor advisories and patch information. Affected products include: Telartis Bv Awstats Totals.