Opera: >> Opera Browser >> 10 Security Vulnerabilities
Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.
CVSS Score
5.0
EPSS Score
0.002
Published
2013-04-19
Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVSS Score
5.8
EPSS Score
0.008
Published
2009-11-24
Unspecified vulnerability in Opera before 10.10 has unknown impact and attack vectors, related to a "moderately severe issue."
CVSS Score
10.0
EPSS Score
0.014
Published
2009-11-24