Lucene search

K
cvelistOperaCVELIST:CVE-2019-19788
HistoryDec 18, 2019 - 9:31 p.m.

CVE-2019-19788

2019-12-1821:31:10
Opera
www.cve.org

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction from a third-party context.

CNA Affected

[
  {
    "product": "Opera for Android",
    "vendor": "Opera Software AS",
    "versions": [
      {
        "status": "affected",
        "version": "Below 54.0.2669.49432"
      }
    ]
  }
]

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Related for CVELIST:CVE-2019-19788