CVE-2005-1669

Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains.

Published: Jun 16, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-1669
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
opera / opera_browser	-	8.01

http://secunia.com/advisories/15411
http://secunia.com/secunia_research/2005-5/advisory/

Vulnerability Database

289,697

CVE-2005-1669