CVE-2013-4705

Opera < 15.00 - Cross-Site Scripting via UTF-8 Encoding

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.

References (3)

Core 3

Core References

Third Party Advisory third-party-advisory x_refsource_jvn

http://jvn.jp/en/jp/JVN01094166/index.html

Vendor Advisory x_refsource_misc

http://www.opera.com/docs/changelogs/unified/1500/

Third Party Advisory third-party-advisory x_refsource_jvndb

http://jvndb.jvn.jp/jvndb/JVNDB-2013-000086

Scores

EPSS 0.0025

EPSS Percentile 48.8%

Details

CWE

CWE-79

Status published

Products (26)

opera/opera_browser 1.00

opera/opera_browser 2.00

opera/opera_browser 2.10 (4 CPE variants)

opera/opera_browser 2.12

opera/opera_browser 3.00 (2 CPE variants)

opera/opera_browser 3.10

opera/opera_browser 3.21

opera/opera_browser 3.50

opera/opera_browser 3.51

opera/opera_browser 3.60

... and 16 more

Published Sep 13, 2013

Tracked Since Feb 18, 2026