XSS can occur in GNOME Web (aka Epiphany) prior to 40.4 and 41.x prior to 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome epiphany |
||
debian debian linux 11.0 |