Mandriva Linux Security Advisory 2009-266 - awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote attackers to conduct cross-site this issue exists because of an incomplete fix for CVE-2008-3714. This update fixes this vulnerability.
d513d6585d954aa8f9ad1097ae4518509989e56a48d4b0ae1b39238d22ee7c07