First published: Fri Dec 23 2016(Updated: )
KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
KDE KMail | <=5.3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.