Cross-site scripting in Opera

Posted: October 8, 2012 in Vulnerabilities
Tags: , , , ,

Opera AlertVulnerability: Cross-site scripting in Opera

Danger: Middle
If the Patch: None
Number of vulnerabilities: 1
Impact: Cross Site Scripting
Affected products: Opera 12.x

Affected versions: Opera 12.02 for Windows, Mac OS and Linux, possibly earlier


The vulnerability allows malicious people to conduct XSS attacks.

The vulnerability is caused due to insufficient processing data: URL. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an arbitrary site. Example of use:

data: text / html; base64, PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ +

Manufacturer URL:

Solution: The way to eliminate the vulnerability does not exist at present.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s