CVE-2009-3266 in Opera Web Browserinformación

Resumen (Inglés)

Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) Atom feed, which allows remote attackers to conduct cross-site scripting (XSS) attacks, and conduct cross-zone scripting attacks involving the Feed Subscription Page to read feeds or create feed subscriptions, via a crafted feed, related to the rendering of the application/rss+xml content type as "scripted content."

Reservar

2009-09-18

Divulgación

2009-09-18

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
50124	Opera Web Browser secuencias de comandos en sitios cruzados	79	Prueba de concepto	Arreglo oficial	CVE-2009-3266

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

◂ AnteriorVisión De ConjuntoPróximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!