Opera 7.54 and previous versions allows remote malicious users to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opera opera browser |