CVE-2007-6110

Name of the Vulnerable Software and Affected Versions htdig version 3.2.0b6

Description The issue is related to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the sort parameter in the htsearch component of htdig. Multiple vulnerabilities in the htdig package of the Debian GNU/Linux operating system can lead to a breach of protected information integrity, and these vulnerabilities can be exploited remotely.

Recommendations For htdig version 3.2.0b6, consider disabling the sort parameter in the htsearch component until a patch is available to prevent exploitation of the XSS vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.