Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
References
Configurations
History
No history.
Information
Published : 2010-02-18 18:00
Updated : 2024-02-28 11:41
NVD link : CVE-2010-0653
Mitre link : CVE-2010-0653
CVE.ORG link : CVE-2010-0653
JSON object : View
Products Affected
opera
- opera_browser
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor