https://bugs.kde.org/show_bug.cgi?id=480193

            Bug ID: 480193
           Summary: KMail QML HTML injection via --subject and --attach
    Classification: Applications
           Product: kmail2
           Version: unspecified
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: composer
          Assignee: kdepim-bugs@kde.org
          Reporter: benjaminfle...@icloud.com
  Target Milestone: ---

SUMMARY
***
HTML injection into the KMail UI
AFAIK not a security issue because external image URLs are not followed
***


STEPS TO REPRODUCE
1. kmail --composer --body '' --attach '<h1>HTML Injection bf</h1><img source="https://www.spyber.com/sig-25163.png";  width="100" height="100" />'
2. kmail --composer --attach 'asdasd <h1>HTML Injection @bf</h1><img src="0" />' --subject '<h1>injectko</h1>asdasd'


OBSERVED RESULT
Custom HTML is rendered in the KMail UI and in alert dialogs.

EXPECTED RESULT
No custom HTML rendered in the KMail UI.


SOFTWARE/OS VERSIONS
kmail2 5.24.4 (23.08.4)
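The class of bug above is a string taken from the command line (--subject, --attach) reaching a Qt widget or QML Text item that is allowed to interpret rich text. The usual Qt fixes are to force the widget into plain text (QLabel::setTextFormat(Qt::PlainText), or textFormat: Text.PlainText in QML) or to run the untrusted string through QString::toHtmlEscaped() before interpolating it into a rich-text template. The following is an added example, not code from the bug report or from KMail: a Qt-free stand-in that performs the same four-character escaping as QString::toHtmlEscaped() (&, <, >, ") so it compiles with a plain C++17 toolchain, applies it to a hypothetical attachment-error template, and includes a rough triage check for tag-like input. The function names, the template text, and the containsTagLikeMarkup() heuristic are all assumptions made for this example; the heuristic is not Qt::mightBeRichText().

```cpp
// Added example (not from bug 480193 or KMail sources).
// Escapes attacker-controlled --subject/--attach strings before they reach a
// rich-text capable widget. Mirrors the characters QString::toHtmlEscaped()
// rewrites, without depending on Qt.
#include <cctype>
#include <iostream>
#include <string>
#include <string_view>

// Escape the characters that let a string open or close HTML tags/attributes.
// '&' must be escaped as well: otherwise a user-typed "&lt;" would be decoded
// back into '<' by the renderer instead of being shown literally.
std::string htmlEscape(std::string_view in) {
    std::string out;
    out.reserve(in.size());
    for (char c : in) {
        switch (c) {
            case '&':  out += "&amp;";  break;
            case '<':  out += "&lt;";   break;
            case '>':  out += "&gt;";   break;
            case '"':  out += "&quot;"; break;
            default:   out += c;
        }
    }
    return out;
}

// Hypothetical dialog text for an attachment that could not be opened.
// Only the fixed template is markup; the file name is escaped, so an <h1>
// in the name renders as the literal characters "<h1>".
std::string attachmentErrorHtml(std::string_view fileName) {
    return "<p>Could not open attachment <b>" + htmlEscape(fileName) + "</b></p>";
}

// Constructed triage check: would this argument have been treated as markup if
// passed straight through? True when it contains "<" followed by a letter or
// "/", i.e. something tag-shaped. This is an approximation for logging or
// fuzzing harnesses, not Qt's own Qt::mightBeRichText() heuristic.
bool containsTagLikeMarkup(std::string_view s) {
    for (size_t i = 0; i + 1 < s.size(); ++i) {
        if (s[i] == '<' &&
            (std::isalpha(static_cast<unsigned char>(s[i + 1])) || s[i + 1] == '/'))
            return true;
    }
    return false;
}

int main(int argc, char** argv) {
    // Constructed input: the --subject payload from step 2 of the report.
    std::string subject = argc > 1 ? argv[1] : "<h1>injectko</h1>asdasd";
    std::cout << "tag-like input: " << (containsTagLikeMarkup(subject) ? "yes" : "no") << '\n';
    std::cout << "escaped subject: " << htmlEscape(subject) << '\n';
    std::cout << "dialog html:     " << attachmentErrorHtml(subject) << '\n';
    return 0;
}
```

Escaping is applied exactly once, at the boundary where the untrusted string meets the rich-text template; do not escape again further down, and do not rely on the escape alone if the widget also auto-detects rich text, since setting the text format to plain text is the simpler and more robust fix for labels that never need markup.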
