cleantalk
Vulnerabilities and Security Researches

AWStats Script, CVE-2025-49890

CVE, Research URL

CVE-2025-49890

Home page URL

Security reports for AWStats Script

Application

AWStats Script

Published on
Aug 20, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jorge Garcia de Bustos AWStats Script allows Stored XSS. This issue affects AWStats Script: from n/a through 0.3.
Affected versions
Min -, max 0.3.
Status
vulnerable
Previous vulnerability researches
Shortcode Redirect (CVE-2025-54746) , Aug 16, 2025
Shortcode Redirect (CVE-2012-5325) , Jun 07, 2024
New vulnerability
PHP Compatibility Checker , Aug 21, 2025
Infility Global (CVE-2025-47650) , Aug 21, 2025
Contact Manager (CVE-2025-8783) , Aug 21, 2025
Custom Comment (CVE-2025-49889) , Aug 20, 2025
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2025-53340) , Aug 20, 2025