PT-2004-3155 · Opera · Opera Browser+1

Published

2004-12-31

Updated

2022-02-28

CVE-2004-2260

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Opera Browser versions prior to 7.50

Description: The issue allows remote attackers to redirect to other sites via the onUnload attribute, potentially enabling malicious web site operators to misrepresent their content as someone else's, resulting in a loss of integrity. This is triggered when the onUnload body attribute is used to change the address bar information without leaving the current page.

Recommendations: For Opera Browser versions prior to 7.50, update to version 7.50 or later to resolve the issue. As a temporary workaround, consider disabling the use of the onUnload attribute in web pages until the update is applied.

Fix

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

CVE-2004-2260

Affected Products

Opera

Opera Browser

PT-2004-3155 · Opera · Opera Browser+1

CVE-2004-2260

Weakness Enumeration

Related Identifiers

Affected Products

References · 7