kdelibs: malicious desktop files and configuration files lead to code execution with minimal user interaction
A flaw was found in the KDE Frameworks KConfig prior to version 5.61.0. Certain syntax commands were allowed in .desktop, .directory, and configuration files to allow flexible configurations with the desktop environment. An attacker could add malicious code to a file that a user would...