User Experience Cross-Site Scripting Vulnerability in Opera Mini for iOS

CVE-2019-13607

Summary

The Opera Mini application for iOS, up to version 16.0.14, is susceptible to a User Experience Cross-Site Scripting (UXSS) vulnerability. This issue allows attackers to execute arbitrary JavaScript in the context of a user’s session by navigating to a specially crafted javascript: URL. Such vulnerabilities can lead to unauthorized data access and compromise user security.

References