CVE-2003-1420

Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header.

Published: Dec 31, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-1420
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
opera / opera_browser	6.0	7.02

http://www.securityfocus.com/archive/1/313216
http://www.securityfocus.com/bid/6962
https://exchange.xforce.ibmcloud.com/vulnerabilities/11423

Vulnerability Database

289,697

CVE-2003-1420