RSS   Podatności dla 'Rekonq'   RSS

2011-11-29
 
CVE-2011-3366

CWE-20
 
 
Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.

 
2010-08-02
 
CVE-2010-2536

CWE-79
 
 
Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a URL associated with a nonexistent domain name, related to webpage.cpp, aka a "universal XSS" issue; (2) unspecified vectors related to webview.cpp; and the about: views for (3) favorites, (4) bookmarks, (5) closed tabs, and (6) history.

 

Copyright 2024, cxsecurity.com

 

Back to Top