CVE-2013-3210

Opera <12.15 - Info Disclosure

Title source: llm

Description

Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.

References (2)

Scores

EPSS 0.0023
EPSS Percentile 45.5%

Classification

CWE
CWE-200
Status draft

Affected Products (50)

opera/opera_browser < 12.14
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
opera/opera_browser
... and 35 more

Timeline

Published Apr 19, 2013
Tracked Since Feb 18, 2026