Advisory: Address bar spoofing on Mac platform with drag and drop
UPDATE Link: http://www.opera.com/blogs/security/2014/01/security-changes-features-opera-19/
Announced: January 31, 2014
Reporter: Security researcher Jordi Chancel
Fixed in: Opera 19
Opera before 19 on Mac OS X allows user-assisted remote attackers to spoof the address bar via vectors involving a drag-and-drop operation.
Opera Software has released Opera 19, where this issue has been fixed.
Reported by Jordi Chancel.
- Vidéo de démonstration :
-Security Researcher Jordi Chancel