DOM events manipulation might be used to execute arbitrary code – Opera Security Advisories

Severity:

High

Description:

Particular DOM event manipulations can cause Opera to crash. In some cases, this crash might occur in a way that allows execution of arbitrary code. To inject code, additional techniques would have to be employed.

Opera’s response:

Opera Software has released Opera 12.13, where this issue has been fixed.

Credits:

Thanks to Arthur Gerkis for reporting this issue to Opera Software.