Family: CGI abuses : XSS --> Category: infos
ht://Dig htsearch.cgi XSS Vulnerability Scan
Vulnerability Scan Summary
Checks if ht://Dig is vulnerable to XSS flaw in htsearch.cgi
Detailed Explanation for this Vulnerability Test
The 'htsearch' CGI, which is part of the ht://Dig package,
is vulnerable to cross-site scripting attacks,
throught 'words' variable.
With a specially crafted URL, a possible hacker can cause arbitrary
code execution resulting in a loss of integrity.
Solution : Upgrade to a newer when available
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.