[kmail2] [Bug 441829] New: Rendering of HTML can bleed over message headers

bugzilla_noreply at kde.org bugzilla_noreply at kde.org
Tue Aug 31 20:17:29 BST 2021 

https://bugs.kde.org/show_bug.cgi?id=441829

            Bug ID: 441829
           Summary: Rendering of HTML can bleed over message headers
           Product: kmail2
           Version: 5.15.3
          Platform: Debian stable
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: kdepim-bugs at kde.org
          Reporter: simon at technocool.net
  Target Milestone: ---

Created attachment 141198
  --> https://bugs.kde.org/attachment.cgi?id=141198&action=edit
Rendering

SUMMARY

STEPS TO REPRODUCE
1. Received spam email 
2. View in Kmail with HTML enabled.

OBSERVED RESULT

The spammer HTML is rendered bleeding over the message list component, this
allows the scammer to fake information, as well as making their phishing attack
more effective.

EXPECTED RESULT

The mail client will prevent the email content corrupting the display of
message metadata, so that users can make informed choices, and are less likely
to be fooled.


SOFTWARE/OS VERSIONS
Linux/KDE Plasma: 
(available in About System)
KDE Plasma Version: 5.20.5
KDE Frameworks Version: 5.78.0
Qt Version: 5.15.2

ADDITIONAL INFORMATION

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the Kdepim-bugs mailing list