3 matches found
SUSE CVE-2011-1168
Cross-site scripting XSS vulnerability in the KHTMLPart::htmlError function in khtml/khtmlpart.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site...
drupal: session hijacking and denial of service
Custom configured session.inc and password.inc need to be audited as well to verify if they are prone to the following vulnerabilities. More information can be found in the upstream advisory 0. - CVE-2014-9015 session hijacking Aaron Averill discovered that a specially crafted request can give a...
kdelibs: partially universal XSS in Konqueror error pages
Cross-site scripting XSS vulnerability in the KHTMLPart::htmlError function in khtml/khtmlpart.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site...