CVE-2019-19788: Medium severity opera browser for android vulnerability
Published Dec 18, 2019
·Updated
Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction from a third-party context.
Affected Software
1 affected component
Opera Opera Android<54.0.2669.49432
Event History
Dec 18, 2019
CVE Published
via MITRE·09:31 PM
Data Sourced
via MITRE·09:31 PM
DescriptionWeakness
Frequently Asked Questions
1
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2019-19788.
2
What is the severity level of CVE-2019-19788?
The severity level of CVE-2019-19788 is medium (5.5).
3
Which versions of Opera for Android are affected by this vulnerability?
Opera for Android versions up to 54.0.2669.49432 are affected by this vulnerability.
4
How does the vulnerability in Opera for Android occur?
The vulnerability in Opera for Android is a sandboxed cross-origin iframe bypass attack.
5
Is there a fix available for this vulnerability?
Yes, updating Opera for Android to version 54.0.2669.49432 or later will fix this vulnerability.