Hello, as mentioned in http://www.osreviews.net/reviews/comm/awstats, the same type of XSS vulnerability also exists with the 'diricons' parameter. In this case, Debian is affected, too.
Hendrik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
