CVE-2010-4043

Medium CVSS 4.3

Overview

Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document.

CWE: CWE-264 Published: 2010-10-21T19:00:05.097

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 4.3 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags