Public bug reported: Binary package hint: kdenetwork
When receiving a message that contains HTML code, Kopete will interpret the HTML and display a parsed version of it. E.g. "<a href="http://www.example.com/";>Hi</a>" will display as a link to example.com. I've seen this behaviour on ICQ, where the other person was using CenterIM, and on MSN, where the other party was using Trillian. It is quite annoying when people send you messages like "http://link/ <-- Check this out" or an HTML paste. I'm not sure if this can be abused. I tried some simple tests with Javascript, which didn't work, but that was in no way exhaustive. I'm using Ubuntu 8.10 and Kopete 4.1.3. ** Affects: kdenetwork (Ubuntu) Importance: Undecided Status: New -- Kopete doesn't escape HTML in receiving messages https://bugs.launchpad.net/bugs/309006 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
