Описание
Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information.
Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-1926
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74351
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html
- http://osvdb.org/80622
- http://secunia.com/advisories/48535
- http://www.opera.com/docs/changelogs/mac/1162
- http://www.opera.com/docs/changelogs/unix/1162
- http://www.opera.com/docs/changelogs/windows/1162
- http://www.opera.com/support/kb/view/1012
Связанные уязвимости
nvd
почти 14 лет назад
Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information.