CVE-2008-4200

Opera before 9.52 does not ensure that the address field of a news feed represents the feed’s actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker.

Date published : 2008-09-26

http://www.securityfocus.com/bid/30768

http://bugs.gentoo.org/show_bug.cgi?id=235298