Opera Software have released an update for their Opera web browser. Version 12.13 contains fixes to four security vulnerabilities.
high:
* Fixed an issue where DOM events manipulation might be used to execute arbitrary code, as reported by Arthur Gerkis; advisory
* Fixed an issue where use of SVG clipPaths could allow execution of arbitrary code, as reported by anonymous via the iSIGHT Partners GVP Program; advisory
low:
* Fixed an issue where CORS requests could omit the preflight request, as reported by webpentest; advisory
In addition, one other low severity security issue (Opera Software will disclose its details at a later date) was fixed.
Opera users are strongly recommended to update to the latest version. New version can be downloaded here.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment