Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Medium severity flaw in Konqueror
Apr 11 2011 09:07PM
Tim Brown (timb nth-dimension org uk)
I was recently taking a look at Konquerer and spotted an example of universal
XSS. Essentially, the error page displayed when a requested URL is not
available includes said URL. If said URL includes HTML fragments these will
be rendered. CVE-2010-2952 has been assigned to this issue.
[ more ]
Copyright 2010, SecurityFocus