CVE-2010-1390 (retired)

Priority
Description
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before
5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X
10.4, allows remote attackers to inject arbitrary web script or HTML via
vectors related to improper UTF-7 canonicalization, and lack of termination
of a quoted string in an HTML document.
Assigned-to
micahg
Notes
jdstrandqt4-x11 unmaintained upstream (see README.webkit for details)
webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
it, while qt4-x11 attempts to unify khtml and webkit.
mdeslaurwebkitkde is a wrapper around qt4-x11's webkit.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Patches:
Upstream:http://trac.webkit.org/changeset/49487
More Information

Updated: 2019-10-09 07:27:18 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)