CVE-2010-2536

Name of the Vulnerable Software and Affected Versions rekonq versions 0.5 and earlier

Description The issue allows remote attackers to inject arbitrary web script or HTML, related to webpage.cpp, which is a "universal XSS" issue. Additionally, there are unspecified vectors related to webview.cpp, and vulnerabilities in the about: views for favorites, bookmarks, closed tabs, and history.

Recommendations For rekonq versions 0.5 and earlier, consider disabling the webpage.cpp and webview.cpp components until a patch is available. Restrict access to the about: views for favorites, bookmarks, closed tabs, and history to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.