kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and previous versions allows malicious users to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kde kdelibs |
||
kde kdelibs 4.10.1 |
||
kde kdelibs 4.10.2 |
||
kde kdelibs 4.10.0 |