CVE-2003-0459

2003-08-27T00:00:00
ID CVE-2003-0459
Type cve
Reporter NVD
Modified 2017-10-10T21:29:10

Description

KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.