CVE-2008-5681 — Browser vulnerability

3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.4%

top 42.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Browser

Timeline

PublishedDec 19

Latest updateMay 17

Description

Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDopera/opera_browser9.62+72

🔴Vulnerability Details

GHSA

GHSA-2jgm-p57p-vrfj: Opera before 9↗2022-05-17

▶

CVEList

CVE-2008-5681: Opera before 9↗2008-12-19

▶