CVE-2009-3266 in Opera Web Browserinformation

Résumé (Anglaise)

Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) Atom feed, which allows remote attackers to conduct cross-site scripting (XSS) attacks, and conduct cross-zone scripting attacks involving the Feed Subscription Page to read feeds or create feed subscriptions, via a crafted feed, related to the rendering of the application/rss+xml content type as "scripted content."

Réserver

18/09/2009

Divulgation

18/09/2009

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
50124	Opera Web Browser cross site scripting	79	Preuve de concept	Correctif officiel	CVE-2009-3266

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Do you know our Splunk app?

Download it now for free!