Vulnerability in Htdig
CVE-2005-0085
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error messa…
EPSS: 0.023 (80.8th percentile) — read the EPSS interpretation.
Affected products
- Htdig — versions 3.1.5, 3.1.5_7, 3.1.5_8
- Mandrakesoft Mandrake_linux — versions 10.0, 10.1
- Mandrakesoft Mandrake_linux_corporate_server — versions 2.1, 3.0
- Redhat Fedora_core — versions core_3.0
- Suse Suse_linux — versions 8.0, 8.1, 8.2
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)