Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.
Max CVSS
4.3
EPSS Score
0.19%
Published
2002-12-31
Updated
2008-09-05
Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.
Max CVSS
4.3
EPSS Score
0.11%
Published
2002-05-29
Updated
2016-10-18
Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.
Max CVSS
7.5
EPSS Score
0.73%
Published
2002-05-29
Updated
2016-10-18
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!