qutebrowser -- Remote code execution due to CSRF
qutebrowser team reports:
Due to a CSRF vulnerability affecting the qute://settings page,
it was possible for websites to modify qutebrowser settings.
Via settings like editor.command, this possibly allowed websites
to execute arbitrary code.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright