Debian Security Advisory 1380-1 - Kalle Olavi Niemitalo discovered that elinks, an advanced text-mode WWW browser, sent HTTP POST data in cleartext when using an HTTPS proxy server potentially allowing private information to be disclosed.
e880a6654b1643c515270277a0f7ec0b81f0494986409cc0fe880d8831dcd87b
Ubuntu Security Notice 519-1 - Kalle Olavi Niemitalo discovered that if elinks makes a POST request to an HTTPS URL through a proxy, information may be sent in clear-text between elinks and the proxy. Attackers with access to the network could steal sensitive information (such as passwords).
8eb3ffc0a271f7162f7d84997a46e1b0768044e5a04c16030d0c288789b788b0