Redhat » Analog Real-time Synthesizer : Security Vulnerabilities, CVEs, CVSS score >= 3
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Max CVSS
5.0
EPSS Score
0.50%
Published
2003-08-27
Updated
2017-10-11
1 vulnerabilities found