Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote malicious users to inject arbitrary web script or HTML via the test parameter.
source: wwwsecurityfocuscom/bid/9474/info
thttpd is prone to a cross-site scripting vulnerability in the CGI test script This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code If this link were followed, the hostile code may be rendered in the web browser of the victim ...