Opera : Security Vulnerabilities, CVEs, Published In 2010 (Information Leak)
Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
Max CVSS
4.3
EPSS Score
0.31%
Published
2010-02-18
Updated
2010-09-21
Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages.
Max CVSS
5.0
EPSS Score
0.19%
Published
2010-04-08
Updated
2010-04-09
Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before 10.60 on UNIX platforms makes widget properties accessible to third-party domains, which allows remote attackers to obtain potentially sensitive information via a crafted web site.
Max CVSS
4.3
EPSS Score
0.44%
Published
2010-07-08
Updated
2018-10-30
Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content.
Max CVSS
4.3
EPSS Score
0.66%
Published
2010-10-21
Updated
2017-09-19
Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, which allows remote attackers to obtain sensitive information via an input field that has the same name as an input field on a previously visited web site.
Max CVSS
5.0
EPSS Score
0.47%
Published
2010-12-22
Updated
2011-01-22
5 vulnerabilities found