AVG-43 log

Package kcoreaddons
Status Fixed
Severity Medium
Type insufficient validation
Affected 5.26.0-1
Fixed 5.26.0-2
Current 6.9.0-2 [extra]
Ticket None
Created Fri Oct 7 06:58:45 2016
Issue Severity Remote Type Description
CVE-2016-7966 Medium Yes Insufficient validation
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plain text viewer. Due to the parser used on the URL...
Date Advisory Package Type
07 Oct 2016 ASA-201610-4 kcoreaddons insufficient validation
References
https://www.kde.org/info/security/advisory-20161006-1.txt
http://seclists.org/oss-sec/2016/q4/23