Address Bar Spoofing Vulnerability in Opera Touch for iOS
CVE-2020-6157

4.3MEDIUM

Key Information:

Vendor: Opera
Status: Opera Touch For iOS
Vendor: CVE Published:; 13 November 2020

Summary

The vulnerability in Opera Touch for iOS prior to version 2.4.5 exposes users to an address bar spoofing attack. In this scenario, a malicious webpage can manipulate the browser's address bar to display a different URL, misleading users into believing they are on a legitimate website. This deception can result in sensitive information being unwittingly disclosed to attackers, posing significant risks to user privacy and data integrity.

Affected Version(s)

Opera Touch for iOS Below 2.4.5

References

https://security.opera.com/address-bar-spoofing-in-opera-...

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 13, 2020
Vulnerability Reserved
Jan 7, 2020