FreeBSD : opera -- multiple vulnerabilities (f5c4d7f7-9f4b-11dd-bab1-001999392805)
Medium Nessus Plugin ID 34508
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionOpera reports :
Certain constructs are not escaped correctly by Opera's History Search results. These can be used to inject scripts into the page, which can then be used to look through the user's browsing history, including the contents of the pages they have visited. These may contain sensitive information.
When Opera is previewing a news feed, some scripts are not correctly blocked. These scripts are able to subscribe the user to any feed URL that the attacker chooses, and can also view the contents of any feeds that the user is subscribed to. These may contain sensitive information.
SolutionUpdate the affected packages.