Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-4696
HistoryOct 23, 2008 - 10:00 p.m.

CVE-2008-4696

2008-10-2322:00:01
CWE-79
[email protected]
web.nvd.nist.gov
5

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.832

Percentile

98.5%

JSON

Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the “optional fragment”), which is not properly escaped before storage in the History Search database (aka md.dat).

Affected configurations

Nvd
Node
operaopera
OR
operaoperaRange9.6
OR
operaoperaMatch5..10
OR
operaoperaMatch5.0
OR
operaoperaMatch5.1
OR
operaoperaMatch5.2
OR
operaoperaMatch5.3
OR
operaoperaMatch5.4
OR
operaoperaMatch5.5
OR
operaoperaMatch5.6
OR
operaoperaMatch5.7
OR
operaoperaMatch5.8
OR
operaoperaMatch5.9
OR
operaoperaMatch5.11
OR
operaoperaMatch5.12
OR
operaoperaMatch6beta_1
OR
operaoperaMatch6.0
OR
operaoperaMatch6.01
OR
operaoperaMatch6.02
OR
operaoperaMatch6.03
OR
operaoperaMatch6.04
OR
operaoperaMatch6.05
OR
operaoperaMatch6.06
OR
operaoperaMatch7beta_1
OR
operaoperaMatch7beta_1.2
OR
operaoperaMatch7.0
OR
operaoperaMatch7.0beta_2
OR
operaoperaMatch7.01
OR
operaoperaMatch7.02
OR
operaoperaMatch7.03
OR
operaoperaMatch7.10
OR
operaoperaMatch7.11
OR
operaoperaMatch7.20
OR
operaoperaMatch7.20beta7
OR
operaoperaMatch7.21
OR
operaoperaMatch7.22
OR
operaoperaMatch7.23
OR
operaoperaMatch7.50
OR
operaoperaMatch7.50beta_1
OR
operaoperaMatch7.51
OR
operaoperaMatch7.52
OR
operaoperaMatch7.53
OR
operaoperaMatch7.54
OR
operaoperaMatch7.54update_1
OR
operaoperaMatch7.54update_2
OR
operaoperaMatch8.0
OR
operaoperaMatch8.0beta_1
OR
operaoperaMatch8.0beta_2
OR
operaoperaMatch8.0beta_3
OR
operaoperaMatch8.01
OR
operaoperaMatch8.02
OR
operaoperaMatch8.50
OR
operaoperaMatch8.51
OR
operaoperaMatch8.52
OR
operaoperaMatch8.53
OR
operaoperaMatch8.54
OR
operaoperaMatch9.0
OR
operaoperaMatch9.0beta_1
OR
operaoperaMatch9.0beta_2
OR
operaoperaMatch9.01
OR
operaoperaMatch9.02
OR
operaoperaMatch9.10
OR
operaoperaMatch9.20
OR
operaoperaMatch9.20beta_1
OR
operaoperaMatch9.21
OR
operaoperaMatch9.22
OR
operaoperaMatch9.23
OR
operaoperaMatch9.24
OR
operaoperaMatch9.25
OR
operaoperaMatch9.26
OR
operaoperaMatch9.27
OR
operaoperaMatch9.50
OR
operaoperaMatch9.50beta_2
OR
operaoperaMatch9.51
VendorProductVersionCPE
operaopera*cpe:2.3:a:opera:opera:*:*:*:*:*:*:*:*
operaopera5..10cpe:2.3:a:opera:opera:5..10:*:*:*:*:*:*:*
operaopera5.0cpe:2.3:a:opera:opera:5.0:*:*:*:*:*:*:*
operaopera5.1cpe:2.3:a:opera:opera:5.1:*:*:*:*:*:*:*
operaopera5.2cpe:2.3:a:opera:opera:5.2:*:*:*:*:*:*:*
operaopera5.3cpe:2.3:a:opera:opera:5.3:*:*:*:*:*:*:*
operaopera5.4cpe:2.3:a:opera:opera:5.4:*:*:*:*:*:*:*
operaopera5.5cpe:2.3:a:opera:opera:5.5:*:*:*:*:*:*:*
operaopera5.6cpe:2.3:a:opera:opera:5.6:*:*:*:*:*:*:*
operaopera5.7cpe:2.3:a:opera:opera:5.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 731

References

Related

prion 3
d2 1
exploitdb 3
cvelist 3
packetstorm 1
cve 3
ubuntucve 3
nvd 2
openvas 6
nessus 2
gentoo 1
prion
prion
Cross site scripting
2008-10-23 22:00:00
Code injection
2008-10-30 20:56:00
Cross site scripting
2008-10-23 22:00:00
d2
d2
DSquare Exploit Pack: D2SEC_OPERAXSS
2008-10-23 22:00:00
exploitdb
exploitdb
Opera 9.50/9.61 historysearch - Command Execution (Metasploit)
2008-10-23 00:00:00
Opera historysearch - Cross-Site Scripting (Metasploit)
2010-11-11 00:00:00
Opera 9.60 - Persistent Cross-Site Scripting
2008-10-22 00:00:00
cvelist
cvelist
CVE-2008-4696
2008-10-23 21:00:00
CVE-2008-4794
2008-10-30 20:49:00
CVE-2008-4725
2008-10-23 21:00:00
packetstorm
packetstorm
Opera historysearch XSS
2009-10-27 00:00:00
cve
cve
CVE-2008-4696
2008-10-23 22:00:01
CVE-2008-4794
2008-10-30 20:56:54
CVE-2008-4725
2008-10-23 22:00:01
ubuntucve
ubuntucve
CVE-2008-4696
2008-10-23 00:00:00
CVE-2008-4725
2008-10-23 00:00:00
CVE-2008-4794
2008-10-30 00:00:00
nvd
nvd
CVE-2008-4794
2008-10-30 20:56:54
CVE-2008-4725
2008-10-23 22:00:01
openvas
openvas
Opera Web Browser Multiple XSS Vulnerabilities - Windows
2008-10-30 00:00:00
Opera Web Browser Multiple XSS Vulnerability (Windows)
2008-10-30 00:00:00
Opera Web Browser Multiple XSS Vulnerability (Linux)
2008-10-30 00:00:00
nessus
nessus
Opera < 9.61 Multiple Vulnerabilities
2008-10-21 00:00:00
GLSA-200811-01 : Opera: Multiple vulnerabilities
2008-11-04 00:00:00
gentoo
gentoo
Opera: Multiple vulnerabilities
2008-11-03 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.832

Percentile

98.5%

JSON
Related for NVD:CVE-2008-4696
prion3d21exploitdb3cvelist3packetstorm1cve3ubuntucve3nvd2openvas6nessus2gentoo1