3 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. Vulnerabilidad de secuencias de comandos en sitios cruzados en Internet Opera 6 y anteriores permite que atacante remotos ejecuten código arbitrario por medio de un formulario HTML extendido, cuya salida del servidor remoto no se ha aclarado adecuadamente. • http://marc.info/?l=bugtraq&m=101309907709138&w=2 •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1

Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via about:cache. • https://www.exploit-db.com/exploits/21156 http://marc.info/?l=bugtraq&m=100586079932284&w=2 http://marc.info/?l=bugtraq&m=100588139312696&w=2 http://www.iss.net/security_center/static/7567.php http://www.securityfocus.com/bid/3553 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag. • http://www.securityfocus.com/archive/1/10320 https://exchange.xforce.ibmcloud.com/vulnerabilities/1541 •