Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting (XSS) attacks, but in certain circumstances this removal was not performed. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Opera for Android versions below 61.0.3076.56532.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Opera Software Opera 跨站脚本漏洞
Vulnerability Description
Opera Software Opera是挪威欧朋(Opera Software)公司的一款Web浏览器,它支持多窗口浏览、自定义用户界面等功能。 Opera for Android versions below 61.0.3076.56532 存在跨站脚本漏洞,该漏洞源于使用“javascript:”的url当粘贴到地址栏时,协议被删除,以保护用户免受跨站点脚本攻击。但在某些情况下,这种删除不会执行。这可能允许用户被社会设计来对自己进行XSS攻击。
CVSS Information
N/A
Vulnerability Type
N/A