Significant Drag and Drop Vulnerability in WebKitGTK

blogs.gnome.org

Significant Drag and Drop Vulnerability in WebKitGTK

blogs.gnome.org

petsoi@discuss.tchncs.deM to

Gnome@discuss.tchncs.deEnglish · 3 months ago

Significant Drag and Drop Vulnerability in WebKitGTK – Michael Catanzaro's Blog

blogs.gnome.org

WebKitGTK 2.50.3 contains a workaround for CVE-2025-13947, an issue that allows websites to exfiltrate files from your filesystem. If you’re using Epiphany or any other web browser based on WebKitGTK, then you should immediately update to 2.50.3. Websites may attach file URLs to drag sources. When the drag source is dropped onto a drop target, […]

You must log in or # to comment.

Chat

Gnome@discuss.tchncs.de

gnome@discuss.tchncs.de

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !gnome@discuss.tchncs.de

The GNOME Project is a free and open source desktop and computing platform for open platforms like Linux that strives to be an easy and elegant way to use your computer. GNOME software is developed openly and ethically by both individual contributors and corporate partners, and is distributed under the GNU General Public License.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

9 users / day
22 users / week
136 users / month
584 users / 6 months
17 local subscribers
2.63K subscribers
998 Posts
1.21K Comments
Modlog