CVE-2013-3210Sensitive Information Exposure in Browser

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 54.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Opera Browser
Timeline
PublishedApr 19
Latest updateMay 17

Description

Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDopera/opera_browser12.14+109

🔴Vulnerability Details

2
GHSA
GHSA-63p2-gq7m-9wpm: Opera before 122022-05-17
CVEList
CVE-2013-3210: Opera before 122013-04-19
CVE-2013-3210 — Sensitive Information Exposure | cvebase