Summary
This host is installed with Opera and is prone to multiple Cross-Site Scripting vulnerabilities.
Impact
Attacker can exploit this issue to conduct XSS attacks to inject arbitrary web script or HTML.
Impact Level: Application
Solution
Upgrade to version 10.1 or later,
For updates refer to http://www.opera.com
Insight
An error in the application which can be exploited to obtain complete control over feeds via a 'RSS' or 'Atom' feed. It is related to the rendering of the application/rss+xml content type as 'scripted content'.
Affected
Opera version 9.x and 10.x on Windows.
References
Severity
Classification
-
CVE CVE-2009-3265, CVE-2009-3266 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities