Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Opera 注入漏洞
Vulnerability Description
Opera Software Opera是挪威欧朋(Opera Software)公司的一款Web浏览器,它支持多窗口浏览、自定义用户界面等功能。 Opera在对跨域对象的写访问控制存在安全漏洞,远程攻击者可以利用这个漏洞获得敏感信息或查看本地文件系统。Opera 7.01版本作了不允许对跨域对象写访问的措施。但是Opera对经常使用的"location"对象却没有正确设置。通过覆盖这个对象,攻击者可以利用脚本访问任意使用这些方法的WEB页面,包括其他域的页面及目标用户的本地文件系统。造成敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A