Arbitrary Script Execution via Unsanitized Config Parameter in ht://dig (htdig)

Arbitrary Script Execution via Unsanitized Config Parameter in ht://dig (htdig)

CVE-2005-0085 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

Learn more about our Web App Pen Testing.