Opera Web Browser 'Refresh' Header XSS Vulnerabilities (Linux)

Summary
The host is installed with Opera Web Browser and is prone to Cross-Site Scripting Vulnerability.
Impact
Successful remote attack could execute arbitrary script code in the context of the user running the application and to steal cookie-based authentication credentials and other sensitive data that may aid in further attacks. Impact Level: Application
Solution
Upgrade to Opera version 9.64 or later. For updates refer to http://www.opera.com/download/
Insight
Flaw is due to error in Refresh headers in HTTP responses. It does not block javascript: URIs, while injecting a Refresh header or specifying the content of a Refresh header
Affected
Opera version 9.52 and prior on Linux.
References