CVE-2016-7968

KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:kde:kmail:*:*:*:*:*:*:*:*

Information

Published : 2016-12-23 14:59

Updated : 2016-12-27 10:50


NVD link : CVE-2016-7968

Mitre link : CVE-2016-7968


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

kde

  • kmail