omniHTTPD 2.10 suffers from cross site scripting vulnerabilities that could lead to session hijacking.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/31386/omniHTTPD2.10xss.txt
Source: https://packetstormsecurity.com/files/31386/omniHTTPD2.10xss.txt.html