Opera < 7.54.0 Remote Location Object XSS

Medium Log Correlation Engine Plugin ID 800836


The remote host is vulnerable to a cross-site scripting (XSS) attack.


The remote host is using Opera, which is affected by a remote location object cross-domain scripting issue. An attacker may gain access to directory contents, files and email messages that are read using Opera's email utilities.


Install Opera 7.54.0 or higher.

Plugin Details

Severity: Medium

ID: 800836

File Name: 800836.prm

Family: Web Clients

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

CVE: CVE-2004-2570

BID: 10873