Описание
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 3.5.2-0ubuntu18.5 |
| devel | released | 3.5.7-1ubuntu14 |
| edgy | released | 3.5.5-0ubuntu3.5 |
| feisty | released | 3.5.6-0ubuntu14.1 |
| upstream | needs-triage |
Показывать по
2.6 Low
CVSS2
Связанные уязвимости
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478.
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478.
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not p ...
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478.
ELSA-2007-0909: Moderate: kdelibs security update (MODERATE)
2.6 Low
CVSS2