MEDIUM
Kde
CVE published 2017-03-02
CVE-2017-6410
CVE-2017-6410 is an information-disclosure issue in KDE’s PAC handling. In affected kio and kdelibs versions, a full HTTPS URL could be passed to the PAC FindProxyForURL function, which may expose sensitive data such as Basic Authentication credentials, query strings, or PATH_INFO to a crafted PAC file.