漏洞标题
N/A
漏洞描述信息
Opera 9.10 Final 允许远程攻击者通过在域名结尾添加某些字符来绕过欺诈保护机制,例如."和/"字符,它们未被黑列表过滤器捕捉到。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Opera 9.10 Final allows remote attackers to bypass the Fraud Protection mechanism by adding certain characters to the end of a domain name, as demonstrated by the "." and "/" characters, which is not caught by the blacklist filter.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Opera黑名单不完全漏洞
漏洞描述信息
Opera 9.10 终极版允许远程攻击者通过添加对一个域名末端的某个字符,录入"."和"/",这类不会被黑名单过滤器察觉的字符,绕过欺骗保户机制。
CVSS信息
N/A
漏洞类别
授权问题