Advisory: data: URLs can spoof trusted trusted sites
Summary
Opera displays certain data: URLs wrongly, enabling URL spoofing.
Severity: Moderately severe
Problem description
data: URLs embed data inside them, instead of linking to an external resource. Opera can mistakenly display the end of a data URL instead of the beginning. This allows an attacker to spoof the URL of a trusted site.
Opera's response
Opera Software has released Opera 9.22 which has corrected this issue.
Search our knowledge base: