CVE-2012-3556 β€” Improper Input Validation in Browser

CWE-20 β€” Improper Input Validation3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
2.3%
top 15.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Opera Browser
Timeline
PublishedJun 14
Latest updateMay 17

Description

Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

β–ΆNVDopera/opera_browser11.62+80

πŸ”΄Vulnerability Details

2
GHSA
GHSA-cv79-6mrh-257r: Opera before 11β†—2022-05-17
β–Ά
CVEList
CVE-2012-3556: Opera before 11β†—2012-06-14
β–Ά
CVE-2012-3556 β€” Improper Input Validation in Browser | cvebase