An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the template name when Privoxy is configured to servce the user-manual itself.
[
{
"product": "privoxy",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Privoxy 3.0.33"
}
]
}
]