CVE-2016-7968 (kmail)

CVE-2016-7968 (kmail)

KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.

Source: CVE-2016-7968 (kmail)