First published: Mon Jan 29 2007(Updated: )
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
KDE Konqueror | =3.5.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.