CVE-2008-4199Sensitive Information Exposure in Browser

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.8%
top 25.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Opera Browser
Timeline
PublishedSep 27
Latest updateMay 2

Description

Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors involving "detection of JavaScript events and appropriate manipulation."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDopera/opera_browser9.51+53

🔴Vulnerability Details

2
GHSA
GHSA-xgh3-px9j-7w6v: Opera before 92022-05-02
CVEList
CVE-2008-4199: Opera before 92008-09-27
CVE-2008-4199 — Sensitive Information Exposure | cvebase