Medium Published: May 29, 2002 Modified: Apr 03, 2025

CVE-2002-0270

4.3 CVSS Score Medium

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Export CVE-2002-0270 Data:

Link copied!

Description

Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.

CVSS Vector Details

Attack Vector Network

Attack Complexity M

Confidentiality None

Integrity P

Availability None

Affected Software Configurations

a opera_software opera_web_browser 9.10 * * * * * * *

Weaknesses (CWE)

CWE-79

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis

Oct 18, 2016 02:18 CVE Modified

May 14, 2024 01:20 CVE Modified

Nov 20, 2024 23:38 CVE Modified

← Back to CVE Tracker