CVE-2005-2406

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
01/08/2005
Last modified:
03/04/2025

Description

Opera 8.01 allows remote attackers to conduct cross-site scripting (XSS) attacks or modify which files are uploaded by tricking a user into dragging an image that is a "javascript:" URI.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:*