Security Advisory

CVE-2003-0459

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2003-08-01 04:00:00

Last updated 2024-08-08 01:58:09

Assigner mitre

State PUBLISHED

Description

KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.

← Browse all CVEs View on cve.org ↗