Vulnerabilities > CVE-2019-19788 - Unspecified vulnerability in Opera 52.1.2517.139570

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

opera

NVD

Published: 2019-12-18

Updated: 2024-11-21

Summary

Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction from a third-party context.

Vulnerable Configurations

Part	Description	Count
Application	Opera Opera Opera - Opera Opera 52.1.2517.139570	2

References

https://security.opera.com/bypass-a-restriction-in-ofa-54-opera-security-advisories/
https://security.opera.com/bypass-a-restriction-in-ofa-54-opera-security-advisories/