Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Opera Cookie修改漏洞
Vulnerability Description
Opera是挪威欧朋(Opera Software)公司所开发的一款Web浏览器,它支持多窗口浏览、可定制用户界面等。 Opera不能正确限制建立在HTTPS会话中的cookies的修改。中间人攻击者可借助HTTP响应中的Set-Cookie头覆盖或者删除任意cookies。
CVSS Information
N/A
Vulnerability Type
N/A