On Tuesday 12 April 2011 03:36:24 Vincent Danen wrote: > * [2011-04-11 22:07:24 +0100] Tim Brown wrote: > >I was recently taking a look at Konquerer and spotted an example of > >universal XSS. Essentially, the error page displayed when a requested > >URL is not available includes said URL. If said URL includes HTML > >fragments these will be rendered. CVE-2010-2952 has been assigned to > >this issue. > > Actually, CVE-2011-1168 was assigned to this issue as noted in the > upstream advisory: > > http://www.kde.org/info/security/advisory-20110411-1.txt Hi Vincent, You're quite right, not sure how the wrong CVE ended up in the email. That's a different CVE for another of my advisories :/. Tim -- Tim Brown <mailto:timb@xxxxxxxxxxxxxxxxxxxx> <http://www.nth-dimension.org.uk/>
Description: This is a digitally signed message part.