CVE-2012-4142 — Cross-site Scripting in Browser

CWE-79 — Cross-site Scripting3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.4%
top 38.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Opera Browser
Timeline
PublishedAug 6
Latest updateMay 17

Description

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, ignores some characters in HTML documents in unspecified circumstances, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

â–¶NVDopera/opera_browser12.00+27

🔴Vulnerability Details

2
GHSA
GHSA-55h8-9r93-gr3v: Opera before 12↗2022-05-17
â–¶
CVEList
CVE-2012-4142: Opera before 12↗2012-08-06
â–¶
CVE-2012-4142 — Cross-site Scripting in Opera Browser | cvebase