XSS in Kde Kde-runtime
CVE-2014-8600
Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using th…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.021 (79.2th percentile) — read the EPSS interpretation.
Affected products
- Kde Kde-runtime
- Kde Kio-extras
- Urs_wolfer Kwebkitpart
- Opensuse — versions 13.1
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_UBUNTU, vendor-advisory, Patch, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_SUSE)
- cve@mitre.org (mailing-list, Exploit, x_refsource_FULLDISC)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (Exploit, x_refsource_MISC)