CVE-2008-5681

Description

Opera before 9.63 does not block unspecified scripted URLs during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs.

Risk Information

Base Score

5.3

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

Exploitation Probability

0.357

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities affected in Opera 9.62	Windows
Multiple vulnerabilities affected in Opera 9.62 (For Ubuntu)	Linux
Multiple vulnerabilities affected in Opera 9.62 (For Debian)	Linux
Multiple vulnerabilities affected in Opera 9.62 (For Centos)	Linux
Multiple vulnerabilities affected in Opera 9.62 (For RedHat)	Linux
Multiple vulnerabilities affected in Opera 9.62 (For Suse)	Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234