1 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 3
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 3CVE-2014-8600 – IO Slaves KDE Insufficient Input Validation
https://notcve.org/view.php?id=CVE-2014-8600
19 Nov 2014 — Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the (1) zip, (2) trash, (3) tar, (4) thumbnail, (5) smtps, (6) smtp, (7) smb, (8) remote, (9) recentdocuments, (10) nntps, (11) nntp, (12) network, (13) mbox, (14) ldaps, (15) ldap, (16) fonts, (17) file, (18) desktop, (19) cgi, (20) bookmarks, or (21) ar scheme, which is no... • https://packetstorm.news/files/id/129173 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •