CVE-2005-1669
Opera Browser < 8.01 - Cross-Site Scripting via JavaScript URL in New Window
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains.
References (2)
Core 2
Core References
Not Applicable third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15411
Not Applicable x_refsource_misc
http://secunia.com/secunia_research/2005-5/advisory/
Scores
EPSS
0.0044
EPSS Percentile
63.2%
Details
CWE
CWE-79
Status
published
Products (1)
opera/opera_browser
< 8.01
Published
Jun 16, 2005
Tracked Since
Feb 18, 2026