What is CVE-2008-4696?

CVE-2008-4696 is a vulnerability in N/a. Published 2008-10-23.

Is CVE-2008-4696 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-4696

Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage…

EPSS: 0.621 (98.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

32394 (x_refsource_SECUNIA, third-party-advisory)
www.opera.com/docs/changelogs/mac/961/ (x_refsource_CONFIRM)
ADV-2008-2873 (vdb-entry, x_refsource_VUPEN)
[oss-security] 20081021 Re: CVE Request: Opera 9.60 with security fixes (mailing-list, x_refsource_MLIST)
32538 (x_refsource_SECUNIA, third-party-advisory)
32299 (x_refsource_SECUNIA, third-party-advisory)
www.opera.com/docs/changelogs/solaris/961/ (x_refsource_CONFIRM)
www.security-assessment.com/files/advisories/2008-10-22_Opera_Stored_Cross_Site… (x_refsource_MISC)
[oss-security] 20081022 Re: CVE Request: Opera 9.60 with security fixes (mailing-list, x_refsource_MLIST)
31869 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2008-4696?: CVE-2008-4696 is a vulnerability in N/a. Published 2008-10-23.
Is CVE-2008-4696 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.