CVE-2012-3556
Opera < 11.65 - Cross-Site Scripting via Pop-Up Window on Double-Click
Title source: llmDescription
Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/unix/1200/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1165/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1200/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/windows/1200/
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/1020/
Scores
EPSS
0.0234
EPSS Percentile
85.1%
Details
CWE
CWE-20
Status
published
Products (29)
opera/opera_browser
5.0 (8 CPE variants)
opera/opera_browser
5.02
opera/opera_browser
5.10
opera/opera_browser
5.11
opera/opera_browser
5.12
opera/opera_browser
6.0 (7 CPE variants)
opera/opera_browser
6.1 (2 CPE variants)
opera/opera_browser
6.01
opera/opera_browser
6.02
opera/opera_browser
6.03
... and 19 more
Published
Jun 14, 2012
Tracked Since
Feb 18, 2026