CVE-2002-0898

Name of the Vulnerable Software and Affected Versions: Opera versions 6.0.1 through 6.0.2

Description: The issue allows a remote web site to upload arbitrary files from the client system without prompting the client. This is achieved via an input type=file tag whose value contains a newline.

Recommendations: For Opera versions 6.0.1 and 6.0.2, consider disabling the file upload functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.