Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation14 reference(s) from NVD