CyberSec.Space Logo
Back to CVE Browser

CVE-2004-2260

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0090%
EPSS Percentile31.40th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute.

Affected Platforms (CPE)

πŸ“¦
Opera

Opera Browser

< 7.50

References & Advisories

πŸ”— http://secunia.com/advisories/11532
πŸ”— http://secunia.com/secunia_research/2004-2/advisory/
πŸ”— http://www.osvdb.org/6108
πŸ”— http://www.securityfocus.com/bid/10337
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/16131
πŸ”— http://secunia.com/advisories/11532
πŸ”— http://secunia.com/secunia_research/2004-2/advisory/
πŸ”— http://www.osvdb.org/6108

Related Vulnerabilities

CVE-2009-20706.8

Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in...

CVE-2007-20226.8

Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to o...

CVE-2018-125876.1

A cross-site scripting (XSS) vulnerability was found in valeuraddons German Spelling Dictionary v1.3 (an Opera Browser add-on). In...

CVE-2003-10175.0

Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such...