Ubuntu Security Notice 2414-1 – Tim Brown and Darron Burton discovered that KDE-Runtime incorrectly handled input validation. An attacker could possibly use this issue to execute arbitrary javascript.