CVE-2010-3020 — Browser vulnerability

CWE-2643 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 37.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Browser

Timeline

PublishedAug 16

Latest updateMay 17

Description

The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows remote attackers to force subscriptions to arbitrary feeds via crafted content.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDopera/opera_browser10.60+86

🔴Vulnerability Details

GHSA

GHSA-jcwm-fvjw-g363: The news-feed preview feature in Opera before 10↗2022-05-17

▶

CVEList

CVE-2010-3020: The news-feed preview feature in Opera before 10↗2010-08-16

▶