Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2012-03-28 03:22
Updated : 2024-02-28 12:00
NVD link : CVE-2012-1926
Mitre link : CVE-2012-1926
CVE.ORG link : CVE-2012-1926
JSON object : View
Products Affected
opera
- opera_browser
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor