The Quick Buttons feature in Konversation 0.15 allows remote malicious users to execute certain IRC commands via a channel name containing "%" variables, which are recursively expanded by the Server::parseWildcards function when the Part Button is selected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
berlios konversation 0.15 |