CVE-2020-6157
First published: Fri Nov 13 2020(Updated: )
Opera Touch for iOS before version 2.4.5 is vulnerable to an address bar spoofing attack. The vulnerability allows a malicious page to trick the browser into showing an address of a different page. This may allow the malicious page to impersonate another page and trick a user into providing sensitive data.
Credit: security@opera.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Opera Opera Touch | <2.4.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2020-6157.
What is the title of the vulnerability?
The title of the vulnerability is Opera Touch for iOS before version 2.4.5 address bar spoofing vulnerability.
What is the severity of CVE-2020-6157?
The severity of CVE-2020-6157 is medium (4.3).
How does the vulnerability in Opera Touch for iOS before version 2.4.5 work?
The vulnerability allows a malicious page to trick the browser into showing an address of a different page, potentially allowing it to impersonate another page and trick users into providing sensitive information.
How can I fix the vulnerability in Opera Touch for iOS?
To fix the vulnerability, update Opera Touch for iOS to version 2.4.5 or later.
- collector/nvd-index
- agent/description
- agent/event
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/opera
- canonical/opera opera touch