Konquerer is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. Exploiting this issue may help the attacker steal cookie-based authentication credentials and launch other attacks. All versions of KDE up to and including KDE 3.5.6 are vulnerable to this issue. Reproducible: Didn't try http://www.kde.org/info/security/advisory-20070206-1.txt
*** This bug has been marked as a duplicate of bug 165606 ***