An issue in HTACG HTML Tidy v5.7.28 allows malicious user to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c.
htacg tidy 5.7.28