Uzbl: >> Uzbl >> 2009.12.22 Security Vulnerabilities
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document.
CVSS Score
6.8
EPSS Score
0.058
Published
2010-08-19