CVE-2009-3265

Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor reportedly considers this behavior a "design feature," not a vulnerability.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:opera:opera_browser:10.00:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*

Information

Published : 2009-09-18 15:30

Updated : 2018-10-10 12:43


NVD link : CVE-2009-3265

Mitre link : CVE-2009-3265


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

opera

  • opera_browser