CVE-2012-4142
Opera < 12.01 - Cross-Site Scripting via HTML Character Handling
Title source: llmDescription
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, ignores some characters in HTML documents in unspecified circumstances, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1166/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/windows/1201/
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/1026/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1201/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/unix/1201/
Scores
EPSS
0.0042
EPSS Percentile
62.0%
Details
CWE
CWE-79
Status
published
Products (27)
opera/opera_browser
12.00 beta (2 CPE variants)
opera/opera_browser
10.00 (4 CPE variants)
opera/opera_browser
10.01
opera/opera_browser
10.10 (2 CPE variants)
opera/opera_browser
10.11
opera/opera_browser
10.50 (3 CPE variants)
opera/opera_browser
10.51
opera/opera_browser
10.52 (3 CPE variants)
opera/opera_browser
10.53 (3 CPE variants)
opera/opera_browser
10.54
... and 17 more
Published
Aug 06, 2012
Tracked Since
Feb 18, 2026