Unrated severityNVD Advisory· Published Aug 2, 2010· Updated Apr 29, 2026

CVE-2010-2536

Description

Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a URL associated with a nonexistent domain name, related to webpage.cpp, aka a "universal XSS" issue; (2) unspecified vectors related to webview.cpp; and the about: views for (3) favorites, (4) bookmarks, (5) closed tabs, and (6) history.

Affected products

Adjam/Rekonq16 versions
cpe:2.3:a:adjam:rekonq:*:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:adjam:rekonq:*:*:*:*:*:*:*:*range: <=0.5.0
- cpe:2.3:a:adjam:rekonq:0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.1:alpha:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.1.95:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.1.98:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.2.90:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.3.90:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.4.90:*:*:*:*:*:*:*
- cpe:2.3:a:adjam:rekonq:0.4.95:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.osvdb.org/66568nvdExploit
secunia.com/advisories/40646nvdVendor Advisory
lists.fedoraproject.org/pipermail/package-announce/2010-October/049406.htmlnvd
marc.infonvd
marc.infonvd
www.vupen.com/english/advisories/2010/2689nvd
bugs.kde.org/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000