Opera 11.61 fixes XSS vulnerability
Version 11.61 of Opera has been released. According to its developers, the maintenance update fixes bugs found in the existing builds and closes two security holes in the web browser.
Opera 11.61 addresses a "high" severity cross-site scripting (XSS) vulnerability that could be exploited by an attacker to bypass the same origin policy. A second issue, rated as "low" severity, in which remote pages could detect what local files a user has on their local machine, has also been fixed. Changes that are not related to security include an update to the default Speed Dials as well as fixes for the built-in email client and a number of bugs that caused the application to crash.
More details about the update can be found in the Windows, Mac and UNIX change logs, as well as the security advisories. Opera 11.61 is available to download for Windows, Mac OS X, Linux, FreeBSD and Solaris.
See also:
- Script events can be used to reveal the presence of local files, an Opera security advisory.
- Manipulation of framed content can allow cross-site scripting, an Opera security advisory.
(crve)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
