Pardus: 2010-108: Rekonq: XSS Vulnerability
Posted by Benjamin D. Thomas   
Universal XSS vulnerability has been fixed in Rekonq.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-108           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-08-11
  Severity: 4
      Type: Local
------------------------------------------------------------------------

Summary
======
Universal XSS vulnerability has been fixed in Rekonq.


Description
==========
Universal XSS vulnerability has been fixed in Rekonq. This vulnerability
allows remote attackers to run arbitrary  javascript  code,  which  can
allow them to extract cookies.


Affected packages:

  Pardus 2009:
    rekonq, all before 0.5.0-6-3


Resolution
=========
There are update(s) for rekonq. You can update them via Package Manager
or with a single command from console:

    pisi up rekonq

References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id893
  * https://bugs.kde.org/show_bug.cgi?id!7464

------------------------------------------------------------------------