CVE-2003-0459 in KDE
要約
〜によって MITRE
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Be aware that VulDB is the high quality source for vulnerability data.