2 matches found
XMLHttpRequest Object security bypass in Opera Web Browser
Overview The Opera Web Browser fails to properly enforce security restrictions on the XMLHttpRequest Object. This may allow a remote, unauthenticated attacker to insert content from potentially malicious web sites. Description The XMLHttpRequest Object is a scripting object that provides routines...
CVE-2005-1475
The CVE-2005-1475 issue affects Opera 8.0 Final Build 1095 where the XMLHttpRequest object could bypass same-origin restrictions due to insufficient validation of server-side redirects, allowing a remote attacker to access resources on other domains and perform actions with the user’s privileges....