Arbitrary Script Execution via Unsanitized Config Parameter in ht://dig (htdig)

CVE-2005-0085

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

Learn more about our Web App Pen Testing.