Opera Software » Opera Web Browser : Security Vulnerabilities, CVEs, (XSS)
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.
Max CVSS
4.3
EPSS Score
0.19%
Published
2002-12-31
Updated
2008-09-05
Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.
Max CVSS
4.3
EPSS Score
0.11%
Published
2002-05-29
Updated
2016-10-18
Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.
Max CVSS
7.5
EPSS Score
0.73%
Published
2002-05-29
Updated
2016-10-18
3 vulnerabilities found