Back to search
CVE-2013-1639
Published: Feb 8, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.opera.com/docs/changelogs/unified/1213/
x_refsource_CONFIRM
openSUSE-SU-2013:0289
vendor-advisory
x_refsource_SUSE
http://www.opera.com/support/kb/view/1045/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now