CVE-2004-2260

Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute.
References
Link Resource
http://secunia.com/advisories/11532 Broken Link Patch Vendor Advisory
http://secunia.com/secunia_research/2004-2/advisory/ Broken Link Vendor Advisory
http://www.osvdb.org/6108 Broken Link Patch
http://www.securityfocus.com/bid/10337 Broken Link Patch Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/16131 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

History

28 Feb 2022, 18:19

Type Values Removed Values Added
CPE cpe:2.3:a:opera_software:opera_web_browser:7.23:*:*:*:*:*:*:* cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
CWE NVD-CWE-Other CWE-601
References (OSVDB) http://www.osvdb.org/6108 - Patch (OSVDB) http://www.osvdb.org/6108 - Broken Link, Patch
References (SECUNIA) http://secunia.com/advisories/11532 - Patch, Vendor Advisory (SECUNIA) http://secunia.com/advisories/11532 - Broken Link, Patch, Vendor Advisory
References (MISC) http://secunia.com/secunia_research/2004-2/advisory/ - Vendor Advisory (MISC) http://secunia.com/secunia_research/2004-2/advisory/ - Broken Link, Vendor Advisory
References (BID) http://www.securityfocus.com/bid/10337 - Patch (BID) http://www.securityfocus.com/bid/10337 - Broken Link, Patch, Third Party Advisory, VDB Entry
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/16131 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/16131 - Third Party Advisory, VDB Entry

Information

Published : 2004-12-31 05:00

Updated : 2024-02-04 16:52


NVD link : CVE-2004-2260

Mitre link : CVE-2004-2260

CVE.ORG link : CVE-2004-2260


JSON object : View

Products Affected

opera

  • opera_browser
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')