CVE-2011-4682

Medium CVSS 6.4

Overview

The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites.

CWE: CWE-264 Published: 2011-12-07T19:55:02.567

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.4 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags