Vulnerability: Cross-site scripting in Opera
If the Patch: None
Number of vulnerabilities: 1
Impact: Cross Site Scripting
Affected products: Opera 12.x
Affected versions: Opera 12.02 for Windows, Mac OS and Linux, possibly earlier
The vulnerability allows malicious people to conduct XSS attacks.
The vulnerability is caused due to insufficient processing data: URL. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an arbitrary site. Example of use:
data: text / html; base64, PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ +
Manufacturer URL: www.opera.com
Solution: The way to eliminate the vulnerability does not exist at present.