This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.
The remote contains a search engine that is affected by a cross-site
The 'htsearch' CGI, which is part of the ht://Dig package, is
vulnerable to cross-site scripting attacks, through the 'words'
With a specially crafted URL, an attacker can cause arbitrary code
execution resulting in a loss of integrity.
See also :
There is no known solution at this time.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true