Opera : Security Vulnerabilities, CVEs, Published In 2007 (XSS) CVSS score >= 1
The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains.
Max CVSS
4.3
EPSS Score
0.52%
Published
2007-12-24
Updated
2017-08-08
Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins.
Max CVSS
4.3
EPSS Score
0.80%
Published
2007-12-24
Updated
2017-08-08
The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
Max CVSS
4.3
EPSS Score
1.74%
Published
2007-02-26
Updated
2018-10-16
3 vulnerabilities found