- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 22217
- Проверка EDB
-
- Пройдено
- Автор
- GREYMAGIC SOFTWARE
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2003-02-04
Код:
source: https://www.securityfocus.com/bid/6756/info
It has been reported that, when generating HTML to display images or embedded media, Opera does not correctly format the provided URL or sufficiently encode URLs to local files.
As a result of this lack of sanitization Opera is vulnerable to HTML injection attacks when handling local image or media files.
open("file://localhost/images/file.gif?\"><script>alert(location.href);</script>","","");- Источник
- www.exploit-db.com
