[Slackbuilds-users] qutebrowser 1.3.3 security update

David Woodfall dave at dawoodfall.net
Thu Jun 21 23:14:34 UTC 2018

Hi all,

I've just submitted my first update because of a security issue.


"An XSS vulnerability on the qute://history page allowed websites to inject
HTML into the page via a crafted title tag. This could allow them to steal
your browsing history. If you're currently unable to upgrade, avoid using
:history. A CVE request for this issue is pending, see #4011 for updates."


Until this is available, please avoid using the :history (or qute://history) command.



I'll post any updates here.

Thanks all,



The good thing about standards is that there are so many to choose from.
  -- Andrew S. Tanenbaum

                                                            .--.  oo

More information about the SlackBuilds-users mailing list