CVE-2005-1669

Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains.
Configurations

Configuration 1 (hide)

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:57

Type Values Removed Values Added
References () http://secunia.com/advisories/15411 - Not Applicable () http://secunia.com/advisories/15411 - Not Applicable
References () http://secunia.com/secunia_research/2005-5/advisory/ - Not Applicable () http://secunia.com/secunia_research/2005-5/advisory/ - Not Applicable

28 Feb 2022, 16:35

Type Values Removed Values Added
References (SECUNIA) http://secunia.com/advisories/15411 - Patch, Vendor Advisory (SECUNIA) http://secunia.com/advisories/15411 - Not Applicable
References (MISC) http://secunia.com/secunia_research/2005-5/advisory/ - Patch, Vendor Advisory (MISC) http://secunia.com/secunia_research/2005-5/advisory/ - Not Applicable
CWE NVD-CWE-Other CWE-79
CPE cpe:2.3:a:opera_software:opera_web_browser:8.0_final_build_1095:*:*:*:*:*:*:* cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Information

Published : 2005-06-16 04:00

Updated : 2024-11-20 23:57


NVD link : CVE-2005-1669

Mitre link : CVE-2005-1669

CVE.ORG link : CVE-2005-1669


JSON object : View

Products Affected

opera

  • opera_browser
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')