CVE-2013-1639
published 2013-02-08CVE-2013-1639: Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a…
PriorityP427medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
0.49%
38.5th percentile
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opera | opera_browser | <= 12.12 | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.opensuse.org/opensuse-updates/2013-02/msg00038.htmlhttp://www.opera.com/docs/changelogs/unified/1213/http://www.opera.com/support/kb/view/1045/http://lists.opensuse.org/opensuse-updates/2013-02/msg00038.htmlhttp://www.opera.com/docs/changelogs/unified/1213/http://www.opera.com/support/kb/view/1045/
2013-02-08
Published