CVE-2008-4696

Opera - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat).

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotemultiple

https://www.exploit-db.com/exploits/16304

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by egypt · rubyremotemultiple

https://www.exploit-db.com/exploits/9944

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Roberto Suggi Liverani · textremotewindows

https://www.exploit-db.com/exploits/6801

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Roberto Suggi · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/opera_historysearch.rb

View Code ZIP pw:eip

References (20)

Core 20

Core References

Patch x_refsource_confirm

http://www.opera.com/docs/changelogs/mac/961/

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/2873

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32538

Vendor Advisory x_refsource_confirm

http://www.opera.com/docs/changelogs/solaris/961/

Various Sources x_refsource_misc

http://www.security-assessment.com/files/advisories/2008-10-22_Opera_Stored_Cross_Site_Scripting.pdf

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/31869

Vendor Advisory x_refsource_confirm

http://www.opera.com/docs/changelogs/windows/961/

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/46003

Patch x_refsource_confirm

http://www.opera.com/docs/changelogs/linux/961/

Vendor Advisory x_refsource_confirm

http://www.opera.com/support/search/view/903/

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32394

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2008/10/21/6

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32299

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2008/10/22/5

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/6801

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00009.html

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/4504

Patch x_refsource_confirm

http://www.opera.com/docs/changelogs/freebsd/961/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/497646/100/0/threaded

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200811-01.xml

Scores

EPSS 0.6212

EPSS Percentile 98.4%

Details

CWE

CWE-79

Status published

Products (41)

opera/opera

opera/opera 5..10

opera/opera 5.0

opera/opera 5.1

opera/opera 5.2

opera/opera 5.3

opera/opera 5.4

opera/opera 5.5

opera/opera 5.6

opera/opera 5.7

... and 31 more

Published Oct 23, 2008

Tracked Since Feb 18, 2026