9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.021 Low
EPSS
Percentile
89.1%
An advisory from Opera reports:
If a user has configured Opera to use an external newsgroup
client or e-mail application, specially crafted Web pages can
cause Opera to run that application incorrectly. In some cases
this can lead to execution of arbitrary code.
When accesing frames from different Web sites, specially crafted
scripts can bypass the same-origin policy, and overwrite functions
from those frames. If scripts on the page then run those functions,
this can cause the script of the attackerβs choice to run in the
context of the target Web site.