FreeBSD : htdig -- XSS vulnerability (673aec6f-1cae-11da-bc01-000e0c2e438a)
Medium Nessus Plugin ID 21443
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
Michael Krax reports a vulnerability within htdig. The vulnerability lies within an unsanitized config parameter, allowing a malicious attacker to execute arbitrary scripting code on the target's browser.
This might allow the attacker to obtain the user's cookies which are associated with the site, including cookies used for authentication.
Solution
Update the affected package.