Public CVE-2005-2856 disclosure

Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is...