CVE-2008-1082

2008-02-2902:44:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-1082

opera

xss

security

vulnerability

dom presentation

nvd

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.0%

JSON

Opera before 9.26 allows remote attackers to “bypass sanitization filters” and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation.

CPENameOperatorVersion
opera:opera_browseropera opera browsereq4.01
opera:opera_browseropera opera browsereq7.01
opera:opera_browseropera opera browsereq7.23
opera:opera_browseropera opera browsereq2.10
opera:opera_browseropera opera browsereq9.02
opera:opera_browseropera opera browsereq7.03
opera:opera_browseropera opera browsereq7.53
opera:opera_browseropera opera browsereq4.00
opera:opera_browseropera opera browsereq8.50
opera:opera_browseropera opera browsereq9.24

CPE	Name	Operator	Version
opera:opera_browser	opera opera browser	eq	4.01
opera:opera_browser	opera opera browser	eq	7.01
opera:opera_browser	opera opera browser	eq	7.23
opera:opera_browser	opera opera browser	eq	2.10
opera:opera_browser	opera opera browser	eq	9.02
opera:opera_browser	opera opera browser	eq	7.03
opera:opera_browser	opera opera browser	eq	7.53
opera:opera_browser	opera opera browser	eq	4.00
opera:opera_browser	opera opera browser	eq	8.50
opera:opera_browser	opera opera browser	eq	9.24