An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
CPE | Name | Operator | Version |
---|---|---|---|
plasma-workspace | lt | 5.12.0 |