KDE 3.2.2 (sarge) Konqueror suffers XSS vuln.
Version: 3.2.2-1 (sarge)
access other frames in a frameset, loaded with from different (sub)domain. By
that enclosed / secret data can be read through a hidden frameset.
See http://groenndemon.de/bla for demonstration.
(I'd like also to thank the webmaster for motivating me to explore that issue
and setting a wegpage up for demonstration)
(Translation: Action Ändern -> Change action
Passwort klauen -> steel password
Abschicken -> submit)
Please verify this issue on other versions - 3.1.4 seems to be affected as