Web fonts can be used to spoof the page address – Opera Security Advisories


In some cases, a Web font intended to be used for page content could be incorrectly used by Opera to render parts of the user interface, including the address field. This can be used by a malicious site to display a false domain name in the address field.

Operating systems



Less severe

Opera’s Response

Opera Software has released Opera 10.01, where this issue has been fixed.


Thanks to John Daggett for reporting this issue to Opera Software.