Manipulating the window can be used to spoof the page address – Opera Security Advisories

Severity

Low

Description

Web page scripts can be used to alter the size of the browser window. In some cases, this manipulation can cause the wrong part of the Web page address to be displayed in the Address Bar, so that the part that is initially visible to the user is not the start of the address, and may contain content that the user thinks is a different page address.

In most cases, the attempt to spoof the page address will fail, and the Address Bar will continue to show the correct information. In all cases, the security information dialog will still show the correct information.

Opera’s response

Opera Software has released Opera 10.63, where this issue has been fixed.