CVE-2010-2661

Description

Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations.

Risk Information

Base Score

7.5

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

Exploitation Probability

1.003

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities affected in Opera 10.60	Windows
Multiple vulnerabilities affected in Opera 10.60 (For Ubuntu)	Linux
Multiple vulnerabilities affected in Opera 10.60 (For Debian)	Linux
Multiple vulnerabilities affected in Opera 10.60 (For Centos)	Linux
Multiple vulnerabilities affected in Opera 10.60 (For RedHat)	Linux
Multiple vulnerabilities affected in Opera 10.60 (For Suse)	Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234