First published: Wed Dec 18 2019(Updated: )
Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction from a third-party context.
Credit: security@opera.com
Affected Software | Affected Version | How to fix |
---|---|---|
Opera Opera | <54.0.2669.49432 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2019-19788.
The severity level of CVE-2019-19788 is medium (5.5).
Opera for Android versions up to 54.0.2669.49432 are affected by this vulnerability.
The vulnerability in Opera for Android is a sandboxed cross-origin iframe bypass attack.
Yes, updating Opera for Android to version 54.0.2669.49432 or later will fix this vulnerability.