Security Advisory

CVE-2009-3265

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-09-18 22:00:00

Last updated 2024-08-07 06:22:24

Assigner mitre

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor reportedly considers this behavior a "design feature," not a vulnerability.

← Browse all CVEs View on cve.org ↗