Unrated severityNVD Advisory· Published Dec 23, 2020· Updated Aug 4, 2024
CVE-2020-6159
CVE-2020-6159
Description
URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting (XSS) attacks, but in certain circumstances this removal was not performed. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Opera for Android versions below 61.0.3076.56532.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Opera/Opera for Androiddescription
- Range: <61.0.3076.56532
Patches
Vulnerability mechanics
References
1- security.opera.com/cross-site-scripting-in-ofa-opera-security-advisories/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.