Vulnerability Management

Opera GX browser vulnerability could allow data theft and DoS attacks

Cybersecurity Alert Critical System Vulnerability Detected

Per Infosecurity Magazine, a vulnerability discovered in the Opera GX browser could allow malicious websites to automatically install customization mods and use them to steal data from other sites visited by a user, without requiring any interaction.

The vulnerability, found by security researcher zhero_web_security, allows for a zero-click cross-site leak (XS-Leak) by exploiting the automatic installation of GX Mods. Unlike typical browser extensions, these mods do not require permission prompts and can be installed simply by downloading their file. This enables attackers to inject CSS across all open tabs and websites, bypassing the usual single-page limitations of CSS injection. The researcher demonstrated that this could be used to exfiltrate data piece by piece, successfully recovering a victim's Gmail address.

Additionally, the auto-install behavior could be leveraged for a denial-of-service (DoS) attack. Forcing a mod installation in Incognito mode caused the browser to crash and close all open tabs. Opera patched the flaw on May 8, awarding a $5,000 bounty for the discovery.

Source: Infosecurity Magazine

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds