Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
Max CVSS
4.3
EPSS Score
0.31%
Published
2010-02-18
Updated
2010-09-21
Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages.
Max CVSS
5.0
EPSS Score
0.19%
Published
2010-04-08
Updated
2010-04-09
Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before 10.60 on UNIX platforms makes widget properties accessible to third-party domains, which allows remote attackers to obtain potentially sensitive information via a crafted web site.
Max CVSS
4.3
EPSS Score
0.44%
Published
2010-07-08
Updated
2018-10-30
Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content.
Max CVSS
4.3
EPSS Score
0.66%
Published
2010-10-21
Updated
2017-09-19
Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, which allows remote attackers to obtain sensitive information via an input field that has the same name as an input field on a previously visited web site.
Max CVSS
5.0
EPSS Score
0.47%
Published
2010-12-22
Updated
2011-01-22
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!