Описание
Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00455
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
EPSS
Процентиль: 63%
0.00455
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200