SCO Security Advisory - Cross-site scripting vulnerability in docview (htdig) under OpenServer 5.0.7 and OpenServer 6.0.0 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
bfe8f1276bbd4439e396e05e3a38cc25023e5409c4ed8582ebe4fe5972e05840