CSS Extensions for XML Implementation in Opera before 11.01 Allows Bypass of CSS Filtering via Crafted URL

CSS Extensions for XML Implementation in Opera before 11.01 Allows Bypass of CSS Filtering via Crafted URL

CVE-2011-0681 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL.

Learn more about our Web Application Penetration Testing UK.