CVE-2005-0085

Name of the Vulnerable Software and Affected Versions ht://dig versions prior to 3.1.6-r7

Description A cross-site scripting issue allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

Recommendations For versions prior to 3.1.6-r7, update to version 3.1.6-r7 or later to resolve the issue. As a temporary workaround, consider restricting access to the config parameter to minimize the risk of exploitation.