CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-1310
https://notcve.org/view.php?id=CVE-2010-1310
08 Apr 2010 — Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. Opera v10.50 permite a atacantes remotos obtener información a través de construcciones XSLT manipuladas, lo que provoca devuelva contenidos cacheados de otras páginas. • http://secunia.com/advisories/38820 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 105EXPL: 1CVE-2009-3266
https://notcve.org/view.php?id=CVE-2009-3266
18 Sep 2009 — Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) Atom feed, which allows remote attackers to conduct cross-site scripting (XSS) attacks, and conduct cross-zone scripting attacks involving the Feed Subscription Page to read feeds or create feed subscriptions, via a crafted feed, related to the rendering of the application/rss+xml content type as "scripted content." El navegador Opera anterior a la versión 10.01 no restringe de manera apropiada el HTML en un (1) RSS o (2) Atom feed, que ... • http://archives.neohapsis.com/archives/bugtraq/2009-10/0289.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 105EXPL: 1CVE-2006-6955
https://notcve.org/view.php?id=CVE-2006-6955
29 Jan 2007 — Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723. Opera permite a atacantes remotos provocar una denegación de servicio (cierre de aplicación) mediante una página web que contiene un gran número de etiquetas de marquesina anidadas, un problema relacionado con CVE-2006-2723. • http://archives.neohapsis.com/archives/bugtraq/2006-06/0085.html • CWE-20: Improper Input Validation •