CVE-2012-3555 — Cross-site Scripting in Browser

3 documents3 sources

Severity

7.6HIGHNVD

EPSS

4.6%

top 10.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Browser

Timeline

PublishedJun 14

Latest updateMay 17

Description

Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site, related to a "hidden keyboard navigation" issue.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages1 packages

▶NVDopera/opera_browser11.62+80

🔴Vulnerability Details

GHSA

GHSA-7r9f-x96f-gc49: Opera before 11↗2022-05-17

▶

CVEList

CVE-2012-3555: Opera before 11↗2012-06-14

▶