Fix a security hole against Cross Site Scripting Attacks.

diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl
index 68a6c88108e75c0581661c1766bb8ea5714a358f..a42ab1e5ceb57092673f15727b1ce153a3818f92 100644 (file)
--- a/wwwroot/cgi-bin/awstats.pl
+++ b/wwwroot/cgi-bin/awstats.pl
@@ -3771,7 +3771,7 @@ EOF
                        if ($_url_k{$key}/($_url_p{$key}||1) > $max_k) { $max_k = $_url_k{$key}/($_url_p{$key}||1); }
                }
                foreach my $key (@keylist) {
-                       my $nompage=CleanFromCSSA($Aliases{$key}?$Aliases{$key}:$key);
+                       my $nompage=$Aliases{$key}?$Aliases{$key}:CleanFromCSSA($key);
                        print "<TR><TD CLASS=AWL>";
                        if (length($nompage)>$MaxLengthOfURL) { $nompage=substr($nompage,0,$MaxLengthOfURL)."..."; }
                        if ($ShowLinksOnUrl) { print "<A HREF=\"http://$SiteToAnalyze$key\">$nompage</A>"; }
@@ -4373,7 +4373,7 @@ EOF
                        if ($_url_k{$key}/($_url_p{$key}||1) > $max_k) { $max_k = $_url_k{$key}/($_url_p{$key}||1); }
                }
                foreach my $key (@keylist) {
-                       my $nompage=CleanFromCSSA($Aliases{$key}?$Aliases{$key}:$key);
+                       my $nompage=$Aliases{$key}?$Aliases{$key}:CleanFromCSSA($key);
                        print "<TR><TD CLASS=AWL>";
                        if (length($nompage)>$MaxLengthOfURL) { $nompage=substr($nompage,0,$MaxLengthOfURL)."..."; }
                        if ($ShowLinksOnUrl) {