CVE-2012-1926
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.009 Low
EPSS
Percentile
82.2%
Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information.
References
lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html
osvdb.org/80622
secunia.com/advisories/48535
www.opera.com/docs/changelogs/mac/1162/
www.opera.com/docs/changelogs/unix/1162/
www.opera.com/docs/changelogs/windows/1162/
www.opera.com/support/kb/view/1012/
exchange.xforce.ibmcloud.com/vulnerabilities/74351
Related
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.009 Low
EPSS
Percentile
82.2%