CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 3CVE-2014-8600 – IO Slaves KDE Insufficient Input Validation
https://notcve.org/view.php?id=CVE-2014-8600
19 Nov 2014 — Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the (1) zip, (2) trash, (3) tar, (4) thumbnail, (5) smtps, (6) smtp, (7) smb, (8) remote, (9) recentdocuments, (10) nntps, (11) nntp, (12) network, (13) mbox, (14) ldaps, (15) ldap, (16) fonts, (17) file, (18) desktop, (19) cgi, (20) bookmarks, or (21) ar scheme, which is no... • https://packetstorm.news/files/id/129173 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2009-4976
https://notcve.org/view.php?id=CVE-2009-4976
02 Aug 2010 — Cross-site scripting (XSS) vulnerability in webkitpart.cpp in kwebkitpart allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en webkitpart.cpp en kwebkitpart permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante una URL asociada con un nombre de dominio no exist... • http://websvn.kde.org/?view=rev&revision=1059140 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •