|Created:||August 6, 2013||Updated:||May 28, 2014|
|Description:||From the OSS security mailing list:
A remote command injection vulnerability was reported in xmonad-contrib. The vulnerability is in the XMonad.Hooks.DynamicLog module.
As we know, web browsers usually set the window title to the current tab. A malicious user, then, can craft a special title in order to inject commands in the current bar.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds