Published: 30/10/2008 Updated: 08/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

The links panel in Opera prior to 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote malicious users to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opera opera 9.26
opera opera 9.20
opera opera 8.53
opera opera 9.10
opera opera 8.52
opera opera 8.51
opera opera 7.54
opera opera 8.0
opera opera 7.23
opera opera 7.50
opera opera 7.0
opera opera 7.03
opera opera 9.21
opera opera 9.02
opera opera 9.01
opera opera 8.50
opera opera 8.02
opera opera 7.21
opera opera 7.22
opera opera 7.02
opera opera 6
opera opera 6.04
opera opera 5.8
opera opera 5.1
opera opera 5.12
opera opera 5.11
opera opera 9.24
opera opera 9.25
opera opera 9.0
opera opera 8.54
opera opera 7.51
opera opera 7.10
opera opera 7.11
opera opera 7
opera opera 7.01
opera opera 6.0
opera opera 6.03
opera opera 5.5
opera opera 5.4
opera opera 9.50
opera opera 6.02
opera opera 6.05
opera opera 5.3
opera opera 5.2
opera opera 9.51
opera opera
opera opera 9.27
opera opera 9.23
opera opera 9.22
opera opera 8.01
opera opera 7.52
opera opera 7.53
opera opera 7.20
opera opera 6.06
opera opera 5.0
opera opera 6.01
opera opera 5.7
opera opera 5.6
opera opera 5..10
opera opera 5.9

source: wwwsecurityfocuscom/bid/31991/info Opera Web Browser is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This may allow ...

CWE-79 http://www.securityfocus.com/bid/31991 http://www.opera.com/support/search/view/907/http://security.gentoo.org/glsa/glsa-200811-01.xml http://www.securitytracker.com/id?1021127 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html http://secunia.com/advisories/32538 https://exchange.xforce.ibmcloud.com/vulnerabilities/46220 https://nvd.nist.gov https://www.exploit-db.com/exploits/32548/

CVE-2008-4795

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect