Package: rekonq
Version: 0.5.0-1
Severity: serious
Tags: security

the following CVE (Common Vulnerabilities & Exposures) id was
published for rekonq.

| Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and
| earlier allow remote attackers to inject arbitrary web script or HTML
| via (1) a URL associated with a nonexistent domain name, related to
| webpage.cpp, aka a "universal XSS" issue; (2) unspecified vectors
| related to webview.cpp; and the about: views for (3) favorites, (4)
| bookmarks, (5) closed tabs, and (6) history.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:


pkg-kde-extras mailing list

Reply via email to