Significant Drag and Drop Vulnerability in WebKitGTK

blogs.gnome.org

Significant Drag and Drop Vulnerability in WebKitGTK

blogs.gnome.org

petsoiM to

GnomeEnglish · 5 天前

WebKitGTK and WPE WebKit 2.50.3 contain a workaround for CVE-2025-13947, an issue that allows websites to exfiltrate files from your filesystem. If you're using Epiphany or any other web browser based on WebKitGTK or WPE WebKit, then you should immediately update to 2.50.3. Websites may attach file URLs to drag sources. When the drag source...

You must log in or # to comment.

Chat

Gnome

gnome

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !gnome@discuss.tchncs.de

The GNOME Project is a free and open source desktop and computing platform for open platforms like Linux that strives to be an easy and elegant way to use your computer. GNOME software is developed openly and ethically by both individual contributors and corporate partners, and is distributed under the GNU General Public License.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

62 users / day
136 users / week
134 users / month
515 users / 6 months
415 local subscribers
2.53K subscribers
977 Posts
1.15K Comments
Modlog