Описание
Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | removed from archive |
| devel | DNE | removed from archive |
| feisty | ignored | end of life, was needed |
| gutsy | DNE | |
| hardy | DNE | removed from archive |
| intrepid | DNE | removed from archive |
| upstream | released | 9.52 |
Показывать по
Ссылки на источники
6.4 Medium
CVSS2
Связанные уязвимости
Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker.
Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker.
6.4 Medium
CVSS2