Se Trata de la vulnerabilidad HTMLi en el buscador Dolphin Linux KDE. En un texto. Si aplicamos RENAME e inyectamos cualquier TAG. Se ejecutará en bruto a la hora de cambiar. nick name: D3MENT0R - GreyCod3 Team http://greycod3.blogspot.com/2014/06/htmli-dolphin-kde-linux.html Reproducible: Always Steps to Reproduce: 1.Aplicar RENAME a un txt 2.Inyectar un TAG 3.Se ejecutará en bruto a la hora de cambiar. Actual Results: Inyección HTML Se puede hacer un ClickJacking o envenenar un login.
Thanks for the bug report, but this issue has been fixed a long time ago. You are strongly encouraged to upgrade to a more recent version of Dolphin/the KDE SC. BTW, you should always tell us which version you use when you file bug reports (according to the screenshot on the page you linked to, its KDE SC 4.7 or older, I think, which is *extremely* outdated). *** This bug has been marked as a duplicate of bug 312812 ***
(In reply to comment #1) > BTW, you should always tell us which version you use when you file bug > reports (according to the screenshot on the page you linked to, its KDE SC > 4.7 or older, I think, which is *extremely* outdated). Sorry, I got that wrong - it's most likely KDE SC 4.8.x/Dolphin 2.0. It's still quite outdated though ;-)