cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-6158,https://securityvulnerability.io/vulnerability/CVE-2020-6158,Address Bar Spoofing in Opera Mini for Android,"Opera Mini for Android prior to version 52.2 is susceptible to a significant vulnerability that enables address bar spoofing. In this scenario, a malicious website can manipulate the browser's interface, misleading users into believing they are on a legitimate page. Such deception can result in users inadvertently disclosing sensitive information, as they may not recognize the true origin of the page they are interacting with. This vulnerability underscores the importance of browser security in safeguarding user data from potential impersonation attacks.",Opera,Opera Mini For Android,4.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-21T13:30:31.434Z,0
CVE-2021-23253,https://securityvulnerability.io/vulnerability/CVE-2021-23253,Address Bar Spoofing Vulnerability in Opera Mini for Android,"A vulnerability in Opera Mini for Android allows a malicious attacker to exploit the left-aligned URL display feature in the address field. This flaw can lead to URL spoofing, where the user sees only part of a fraudulent URL, creating an illusion of safety. Attackers can craft deceptive URLs that appear legitimate, while the actual domain name is hidden, thereby increasing the risk of phishing and other malicious activities. The issue is resolved in version 53.1, where long URLs are displayed with the top-level domain label aligned to the right, minimizing this risk.",Opera,Opera Mini For Android,5.3,MEDIUM,0.0008399999933317304,false,,false,false,false,,,false,false,,2021-01-11T15:43:01.000Z,0
CVE-2020-6159,https://securityvulnerability.io/vulnerability/CVE-2020-6159,Cross-Site Scripting Vulnerability in Opera for Android,"This vulnerability in Opera for Android can allow users to be misled into executing cross-site scripting (XSS) attacks against themselves. Typically, URLs using the 'javascript:' protocol have their protocol removed to safeguard users from XSS risks. However, in specific scenarios, this protective measure fails, leaving users susceptible to social engineering tactics. Users are strongly advised to update their Opera for Android browser to the latest version to mitigate risks related to this flaw.",Opera,Opera For Android,6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2020-12-23T15:08:58.000Z,0
CVE-2019-19788,https://securityvulnerability.io/vulnerability/CVE-2019-19788,Sandbox Bypass Vulnerability in Opera for Android by Opera Software,"A vulnerability exists in Opera for Android versions prior to 54.0.2669.49432, which allows attackers to exploit a sandboxed cross-origin iframe bypass. This issue enables an attacker to manipulate a service operating within a sandboxed iframe, circumventing the typical sandboxing restrictions. Consequently, it may result in unauthorized forced redirections without user consent, posing significant security risks for users.",Opera Software As,Opera For Android,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-12-18T21:31:10.000Z,0