CVE-2008-4696 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-4696 Interim 1 5 2023-12-09T02:07:48Z current 2021-05-30T12:44:16Z 2023-12-09T02:07:48Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-4696 Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7GTY3Q2KQY7K63CVQKWRTMVD6G27ZGAR/#7GTY3Q2KQY7K63CVQKWRTMVD6G27ZGAR E-Mail link for SUSE-SR:2008:022 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat). CVE-2008-4696 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N