Cross-Site Scripting Vulnerability in Opera Browser
CVE-2002-0270

Currently unrated

Key Information:

Vendor: Opera Software
Status: Opera Web Browser
Vendor: CVE Published:; 29 May 2002

🔔 Create Opera Software Vulnerability Alert

What is CVE-2002-0270?

Opera can incorrectly index the MIME type of certain objects when the 'Determine action by MIME type' option is disabled. This could lead to scenarios where objects with a 'text/plain' MIME type are processed as HTML documents. This misconfiguration can be exploited by attackers to inject and execute arbitrary scripts in the context of unsuspecting users, potentially compromising their security and privacy through web applications that utilize the text/plain MIME type to thwart cross-site scripting attacks.

References

http://marc.info/?l=bugtraq&m=101363764421623&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 29, 2002
Vulnerability Reserved
May 1, 2002