SUSE CVE-2008-4697

The Fast Forward feature in Opera before 9.61, when a page is located in a frame, executes a javascript: URL in the context of the outermost page instead of the page that contains this URL, which allows remote attackers to conduct cross-site scripting XSS attacks...

Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been

The Mozilla Foundation Security Advisory describes this flaw as: When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to...

Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been

The Mozilla Foundation Security Advisory describes this flaw as: When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to...

Fast Forward can allow cross-site scripting – Opera Security Advisories

Fast Forward can allow cross-site scripting – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Highly Severe Platforms All desktop versions Problem Description If a link that uses a JavaScript URL triggers Opera’s Fast Forward feature, when the user activates Fast Forward, the...