CVE-2012-4144Cross-site Scripting in Browser

CWE-79Cross-site Scripting3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.4%
top 39.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Opera Browser
Timeline
PublishedAug 6
Latest updateMay 17

Description

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, does not properly escape characters in DOM elements, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted HTML document.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDopera/opera_browser12.00+27

🔴Vulnerability Details

2
GHSA
GHSA-7qj5-5q6r-f43g: Opera before 122022-05-17
CVEList
CVE-2012-4144: Opera before 122012-08-06
CVE-2012-4144 — Cross-site Scripting in Opera Browser | cvebase