Improper Blocking of Top-Level Domains in Set-Cookie Headers in Opera before 12.15

Improper Blocking of Top-Level Domains in Set-Cookie Headers in Opera before 12.15

CVE-2013-3210 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.

Learn more about our Web App Pen Testing.