Summary
Opera displays certain data: URLs wrongly, enabling URL spoofing.
Severity: Moderately severe
Problem description
data: URLs embed data inside them, instead of linking to an externalresource. Opera can mistakenly display the end of a data URL insteadof the beginning. This allows an attacker to spoof the URL of atrusted site.
Opera’s response
Opera Software has released Opera 9.22 which has corrected this issue.