exploitDog

CVE-2005-1669

Опубликовано: 16 июн. 2005

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains.

Ссылки

http://secunia.com/advisories/15411
Not Applicable
http://secunia.com/secunia_research/2005-5/advisory/
Not Applicable
http://secunia.com/advisories/15411
Not Applicable
http://secunia.com/secunia_research/2005-5/advisory/
Not Applicable

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Версия до 8.01 (исключая)

EPSS

Процентиль: 63%

0.00437

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-5pc8-2mqr-6q3h

github

почти 4 года назад

Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains.

EPSS

Процентиль: 63%

0.00437

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-79